Failure to comply with the PCI-DSS can result in hefty fines for the offending merchant. Card networks can charge acquiring banks penalties in the thousands of dollars per month, and the acquiring banks then pass those penalties on to their merchants, costing merchants dearly. Because of this risk, it is necessary to research how your acquiring bank helps you stay PCI-compliant.
If you do experience a data breach, even if you’re PCI-compliant, you can still face fines and penalties. You may be required to pay cardholders whose data was stolen, which can total around $50-$90 per cardholder. Additionally, customers may lose faith in your company and be wary of returning to purchase from you.
Lawsuits are also a consequence of a data breach. Big-name companies pay settlements in the millions of dollars if they experience a cyber-attack. Target was the subject of a major data breach just a few short years ago in 2013 and paid an $18.5 million multi-state settlement in 2017. In 2015, as the result of a class-action lawsuit, the retail company paid cardholders $10 million.
If you refuse to comply with the PCI-DSS, not only can you incur all of these potential fines and consequences, you also run the risk of your acquiring bank terminating your merchant account. All in all, it is just a much better idea to spend the time becoming PCI-compliant and drastically reducing the chances of a breach. Here at MacPayments, we help merchants stay compliant through our partnership with ControlScan.
You can learn more about it here.