PCI NON-COMPLIANT CONSEQUENCES
- Noncompliance Fines - Fines for failing to be PCI compliant range from $5,000 to $500,000 and are levied by banks and credit card institutions. A bank may fine a merchant to recover the cost of the forensic investigation it must perform to remediate the noncompliance. Credit card institutions may levy fines as a penalty for noncompliance and set a schedule of fines that escalate the longer the merchant remains noncompliant. The following table is an example of the time-cost schedule that Visa uses.
Month    | Level 1 merchant  | Level 2 merchant
1 to 3   | $10,000 monthly   | $5,000 monthly
4 to 6   | $50,000 monthly   | $25,000 monthly
7 and on | $100,000 monthly  | $50,000 monthly
- Breach Consequences - Even if a company is 100% PCI compliant and validated, a breach of cardholder data may still occur. A cardholder data breach can result in the following losses for a merchant:
  - A fine of $50 to $90 per compromised cardholder record
  - Suspension of credit card acceptance by the merchant's credit card account provider
  - Loss of reputation with customers, suppliers, and partners
  - Possible civil litigation from affected customers
  - Loss of customer trust, which affects future sales