Until recently, compliance for acceptance of Visa and MasterCard was at best voluntary and at worst ignored. This is no longer the case; failure to comply with the regulations set by the Payment Card Industry (PCI) Security Standard can lead to termination of card acceptance privileges and more.
Let’s debunk three common misconceptions:
The answer to all three questions is False. PCI applies to all merchants, no matter their size or business format. It also applies to all card types. Any merchant handling, transmitting, storing or touching credit card information falls under the rules of PCI, without exception!
What Is PCI?
PCI was developed to reduce the risk of security violations and fraud within the credit card acceptance industry. To ensure companies achieve compliance, PCI uses a 12-step program that includes an external penetration scan to make sure hackers can’t break the merchant’s site, where payment/account information is given. Unfortunately, passing a penetration scan doesn’t protect your site from hackers; it simply means your site passed when the scan was conducted with techniques employed by a particular scan company.
PCI identifies four categories of merchants. The number of transactions you process annually defines how you will be categorized. Typically, self-storage companies fall into level four, which includes merchants who process less than 20,000 Visa e-commerce transactions and fewer than 6 million total per year. However—and this is important—a merchant can unilaterally be moved to any category by Visa or other processors.
The category-four requirements are relatively benign compared to those for a category-one merchant, which includes hefty businesses like Amazon.com. Still, self-storage owners must complete a self-assessment questionnaire and a quarterly penetration scan. The self-assessment must be validated by the merchant, and penetration scans by an independent certified assessor.
Some self-assessment questions are highly technical. In general, the questionnaire follows PCI format with each series of questions relating to a specific card-industry component. If the questionnaire confuses you in any way, seek expert advice. Companies that incorrectly complete or fabricate their self-assessment, for whatever reasons, will be examined and potentially classified as fraudulent. The punishment is immediate termination.
Penetration scans are provided by a number of companies. MasterCard now provides scans without charge. The only requirement is the merchant follow defined procedures and protocols.
Now that you’ve read the skinny on compliance, take the necessary steps to protect yourself and your customers from credit card fraud.
Ross Federgreen is a co-founder of CSRSI, which provides an integrated approach to the analysis, design, implementation, deployment and management of electronic transaction services and systems. Since 1999, the company has helped more than 600 public and private institutions reduce the cost of acquiring money and minimize the liability exposure related to payment transactions and customer data. Its products include monitoring of merchant service activities for fraud, charge-backs, credits and disputes, as well as the Credit Card Analysis System. For more information, call 866.462.7774, ext. 23; e-mail email@example.com; visit www.csrsi.com.
The Skinny on Compliance
- Advice for Choosing Self-Storage Facility-Management Software in 2013
- Being Managed by a Self-Storage REIT: Executives Discuss the Benefits, Challenges and Transition Process
- What Would You Do? Getting a Grip on Self-Storage Crime
- 10 Ways for Self-Storage Owners to Reduce Expenses and Improve Cash Flow
- What Would You Do? Tips for Managing Your Self-Storage Mulah
- Kutztown, PA, Gets Its First Self-Storage Facility
- Georgia Governor Signs New Self-Storage Lien Law
- Big Yellow Self Storage Employees in Swindon, England, Pedal to Fight Cystic Fibrosis
- City Denies Menards Self Storage Conversion Project in Janesville, WI
- The Lock Up Self Storage to Build Facilities in Wheaton, IL, and Bonita Springs, FL