This topic has come up at recent conferences, with questions such as: “Why am I paying a fee for PCI?”, “What is PCI compliance?” and “How can I remain PCI compliant, they keep changing the requirements?”
Let’s start with the first question. Here are 7 ways to Avoid unnecessary PCI compliance fees – and serve clients better by not only being compliant, staying compliant.
1 – Never write down credit cards…ever. (Yes, businesses are still doing this and should not still be doing this.)
2 – Stop using more than one processing system. (If, for example, you’re using PayPal online and Square for in person transactions, you need to eliminate one of them.)
3 – Sharing one user account with more than one team member (and, probably not changing the password often enough.)
4 – Stop using swipe-only card readers.
5 – Sharing the WiFi network used for credit card processing with guests.
6 – Skipping, or delaying, performing your annual PCI Compliance audit.
7 – Not updating POS software when prompted by a software/hardware provider.
Perhaps this list starts to get into a few aspects of PCI compliance – which is set by the industry organization as the standard(s) for anyone or any business processing credit card transactions. If you followed the link to the council, you can easily see how complicated it is…
A good place to start is to follow some very basic steps to eliminate risk. These seven can help; but performing the entire internal audit process is necessary to become, and remain, PCI compliant.
So, start with the above several risky practices that are PCI non-compliant and if you get stuck, or don’t know what to do next, contact us for help.
We routinely support our clients through the process and help them save unnecessary fees! If you have seen a PCI fee on your statement, or think you might have some exposure, let us know.