PCI DSS Explained
If you take card payments, you'll need to be compliant.
If you store, process or transmit sensitive cardholder data then your organisation will be in scope for compliance with the Payment Card Industry Data Security Standard, known as PCI DSS.
You will need to achieve compliance as well as maintain it, every minute of every day, to protect your business, your agents and your customers from the risk of fraud and the impact of a data breach. While not a legal obligation, it is required by the leading card companies for taking credit or debit card payments.
Here are a few interesting facts:
The threat of fines for non-compliance or the high costs if breaches occur is a firm driver for organisations to invest in compliance. For example, did you know?
- The average cost per compromised record globally is $148 
- The average cost of a breach event globally is $3.86 million 
- Non-compliance cost is an average of 2.71 times the cost of compliance 
- Companies can also experience business disruption, reduced productivity, fees, penalties, other legal and non-legal settlement costs.
There is a positive side: PCI DSS compliance is increasingly important and may bring major challenges, but it brings benefits too. A former US Deputy Attorney General stated: “If you think compliance is expensive, try non-compliance.”
Benefits of PCI DSS compliance
Trust with card data
Compliance means that your systems are secure and customers can trust you with their sensitive payment card information. Your customers will also have confidence in doing business with you. They are more likely to become repeat customers and recommend you to others.
Reputation for security
Compliance improves your reputation with acquirers and payment brands — the partners you need for business. Customers will increasingly make purchasing decisions based around the security of their card details. Merchants that provide peace of mind will earn a reputation of trust and security.
Compliance and security
As data compromise becomes ever more sophisticated, it becomes difficult for merchants to stay ahead of each threat.
Becoming PCI DSS compliant is the first step. Now, you need to maintain it, every minute of every day to minimise the risk of security breaches and the theft of payment card data.
Card-not-Present (CNP) crime in contact centres continues to rise, so it remains a top priority to significantly reduce the risk of fraud and the impact of a data breach. Download the eGuide to CNP crime in Contact Centres for advice on how to combat the threat.
PCI DSS compliance eGuide
For a jargon-free guide to PCI DSS compliance for contact centres, download the eGuide and find the answers in one place.
De-scoping your contact centre
If you’re not a payment security expert, achieving, let alone maintaining, PCI DSS compliance can be difficult. Why not consider easing your burden by de-scoping as much of your contact centre as you can? Download our guide to ‘Building a business case for de-scoping your contact centre’ to set you on your way.