Page 46 - GS170901
Education
Why comply with PCI DSS?

In the face of such complex requirements, some small business owners may wonder if PCI DSS compliance is worth the effort. They need to be reminded that PCI DSS compliance helps protect merchants and businesses that handle card data from the consequences of data breaches, like fraud losses, loss of customers and sales due to eroded trust, fines and penalties from banks and card brands, and the cost of lawsuits and judgments. Card brands and merchant banks may stop doing business with merchants who are noncompliant, so in the worst-case scenario, the consequence of noncompliance is business failure.

Even less severe consequences are costly. While breaches at major retailers make headlines, small businesses are often hit harder than larger ones because of their comparatively low cash reserves and less robust security resources. Small businesses that suffer data breaches lose an average of $20,752 as a result – and small businesses are disproportionately the targets of criminals, because criminals know they're usually easier to crack than major retailers. Given a choice between costly business risks and ongoing compliance efforts, compliance is by far the best choice.

What to consider when outsourcing?

The PCI DSS provides payment protection resources for small merchants, including a guide to common payment systems used by small and midsize businesses, lists of validated payment applications, and lists of compliant payment-service and software providers. These providers can include payment processors and gateway services, payment application vendors, fraud-protection services, and e-commerce web hosting services.

Outsourcing portions of PCI DSS compliance to payment and fraud-screening vendors can help prevent data breaches and protect customer data, while also freeing up business owners and managers to address such issues as password management and physical data security, as well as focus on their core business goals.

Merchants evaluating their options should keep in mind that any vendor that handles card data on behalf of a business should be able to answer questions about its data capture and transmission security services, guarantee ongoing PCI DSS compliance, and provide ongoing maintenance plus proof of PCI DSS compliance at least once a year.

Rafael Lourenco is the Executive Vice President at ClearSale, a card-not-present fraud prevention operation that protects e-commerce merchants against chargebacks. ClearSale is the only solution of its kind that does not auto-decline; its manual review process ensures that suspect transactions are never denied outright, which provides the highest approval rates industry-wide and virtually eliminates false positives. Please follow the company on Twitter at @ClearSaleUS or visit https://clear.sale/.