Credit Card and Check Fraud costs consumers, merchants and financial institutions $51 billion a year. Fines for breaches can reach $500,000 can you afford NOT to be compliant?
What does “being compliant” mean”? It means that the way you “process, transmit and store” data has been “validated”, by a third party known as QSA (Qualified Security Assessor). Basically, it means that you have filled out the correct questionnaire, that your computer has been scanned if necessary and that you have taken the correct steps to fix anything that has been determined to be in violations of “Visa Best Practices”.
Can I store the card data? Visa rules prohibit the storage of the full contents of the magnetic stripe, CVV2 (code on back), or PIN data.
What happens if I don’t sign up to become “Validated”? You will be subject to fines and termination, as well as have a greater possibility of being breached.
What are the fines? Fines can be anywhere from $10,000 to $500,000 per occurrence.
What are the benefits of becoming Validated? You will know that you have taken various steps necessary to make your clients data secure. You will also be able to convey that to them as a sign of how important they are to you. You will get a certificate that can be posted in your place of business.
Can I just get insurance to cover any losses? You should check with your insurance company. It is our experience that they would still want you to become “Validated”.
Why do I have to pay a yearly fee? Businesses change how they process and store data every year so you have to make sure you stay compliant every year.
Visa also provides more information at this website: www.visa.com/cisp