I recently was reading a blog by an employee of one of the largest payment processors in the United States. He said that he hears lots of complaints about the burden of PCI compliance. He says, like I do, that a major reason people are so opposed to becoming PCI compliant is because they simply do not understand the benefits and protections the PCI DSS (payment card industry data security standard) affords a business. He says that in the many post-data breach interviews he has conducted, that every victim inevitably states that he or she wishes someone had sat them down and really explained the significance and necessity of PCI compliance. Most people think it’s just some new time-wasting contrivance of an industry already resented for its profitability and autonomy (though recent government regulation has compelled some pricing controls) and ultimately unnecessary. Some other reservations of merchants recalled by this other industry blogger were that they believed PCI compliance to be a new form of taxation, or that service providers were just getting greedy.
I found it ironic that the blogger, who is employed by a huge payment settlement entity, he has to pass a blind eye over the real elephant in the room. More than the time required to become PCI compliant, more than the anxiety stemming from the strangeness and novelty of the requirement, people don’t like PCI compliance because of the monetary expense of being PCI compliant. That’s why it’s misconstrued as a form of taxation and or just the industry being greedy. Neatly avoiding that glaring issue all together, the article goes on to explain the benefits of PCI compliance, which anyone who reads this blog should know by now.
If your problem all along regarding the PCI DSS is the cost of becoming PCI compliant that your service provider is hitting you with on a monthly or yearly basis, you have come to the right place. See our home page for details on how to get your business PCI compliant, absolutely free!