Understanding PCI Compliance

Libby James
Merchant Services Expert

Libby James is co-founder, director and an expert in all things merchant services. Libby is the go-to specialist for businesses with more complex requirements or businesses that are struggling to find a provider that will accept them. Libby is regularly cited in trade, national and international media.

What is PCI Compliance?

At Merchant Advice Service, we frequently receive enquiries regarding PCI DSS compliance. Clients want to know what PCI stands for and, more importantly, how it affects their business.

PCI DSS, the Payment Card Industry Data Security Standard, was first published in December 2004 and has been maintained since September 2006 by the PCI Security Standards Council (PCI SSC), an independent body formed by the major card brands: Visa, MasterCard, American Express, JCB International and Discover Financial Services. Its aim is to set a baseline of security controls for every organisation that stores, processes or transmits cardholder data. Note that the Council publishes and maintains the standard but does not enforce it: enforcement comes from the card brands through the acquiring banks, which pass the obligation on to merchants in the merchant agreement.



Key PCI Compliance Checklist

PCI DSS is structured around six control objectives, under which its twelve numbered requirements are grouped:

Build and maintain a secure network and systems

Protect cardholder data

Maintain a vulnerability management program

Implement strong access control measures

Regularly monitor and test networks

Maintain an information security policy

Before going further, note that some organisations charge merchants hefty PCI fees even when compliance is a straightforward process. At Merchant Advice Service, our free consultation aims to give cost-saving recommendations with no obligation.



PCI Compliance Levels and Validation Requirements

Merchants fall into one of four PCI compliance levels, set by Visa according to annual transaction volume (the other card brands run similar schemes). The level determines how compliance must be validated:

Level One: merchants processing over 6 million Visa transactions per year, across all channels. Validation: an annual on-site assessment by a Qualified Security Assessor (QSA) or a qualified internal assessor, producing a Report on Compliance (ROC), plus quarterly external vulnerability scans by an Approved Scanning Vendor (ASV).

Level Two: merchants processing between 1 million and 6 million Visa transactions per year, across all channels. Validation: an annual Self-Assessment Questionnaire (SAQ) and quarterly ASV scans.

Level Three: merchants processing between 20 thousand and 1 million Visa e-commerce transactions per year. Validation: an annual SAQ and quarterly ASV scans.

Level Four: merchants processing fewer than 20 thousand Visa e-commerce transactions per year, and all other merchants processing up to 1 million Visa transactions per year. Validation: an annual SAQ and, where the merchant has internet-facing systems in scope, quarterly ASV scans, as directed by the acquirer.

The card brands may also escalate a merchant to Level One after a data breach, regardless of transaction volume.


Significance for Merchants

PCI DSS compliance demonstrates a commitment to safeguarding customer data, which is particularly important for e-commerce websites exposed to attack. Although the requirements may seem complex, they apply to every business that accepts card payments: the obligation is contractual, written into the merchant agreement with the acquirer.

Finding a PCI Assessor

On-site assessments must be carried out by a Qualified Security Assessor (QSA), and quarterly external scans by an Approved Scanning Vendor (ASV); both are listed on the PCI SSC website, and an assessor not on those lists cannot validate your compliance. Several reputable companies, including Trustwave, Control Scan and SRM-Solutions, offer external assessments. Contacts and links are provided below for further assistance.

PCI DSS Compliance Costs

Costs vary, but in our experience the average charge for an annual self-assessment is around £150. Some major merchant account providers, such as PayPal and Worldpay, manage PCI compliance on behalf of merchants and charge for it monthly or annually. Non-compliance charges levied by providers can start at £3000, on top of any card-brand fines following a breach.

Useful Links for PCI DSS Compliance

PCI Security Standards Council

Find an Assessor (QSA and ASV listings)

Self-Assessment Questionnaires (SAQs)

FAQs (Frequently Asked Questions)

What is PCI DSS?
PCI DSS stands for Payment Card Industry Data Security Standard. It is a set of security requirements, maintained by the PCI Security Standards Council, for any organisation that stores, processes or transmits cardholder data.
How are PCI compliance levels determined?
PCI compliance levels are determined by Visa transaction volume. There are four levels, ranging from Level One for merchants processing over 6 million Visa transactions per year to Level Four for merchants processing fewer than 20 thousand Visa e-commerce transactions per year.
Can PCI DSS non-compliance lead to fines?
Yes. Non-compliance charges from providers can start at £3000, and further charges may be incurred depending on the work needed to bring the business into compliance. A breach at a non-compliant merchant can also attract card-brand fines and liability for fraud losses.
Who enforces PCI compliance?
The card brands, acting through acquiring banks, enforce PCI compliance; the PCI Security Standards Council itself does not.
How often are PCI assessments conducted?
Validation (a Report on Compliance for Level One, a Self-Assessment Questionnaire for the other levels) is annual; external vulnerability scans by an Approved Scanning Vendor are quarterly.
Is PCI compliance mandatory for all businesses processing card payments?
Yes. Every business that accepts card payments is bound to PCI DSS by its merchant agreement.
What are the typical costs associated with PCI compliance?
Costs vary, but the average price for an annual self-assessment is around £150. Some merchant account providers charge an additional monthly or annual fee.
Are there alternatives to paying for PCI compliance services?
Some merchant account providers, such as PayPal and Worldpay, manage PCI compliance on behalf of merchants. It is worth comparing services and fees when choosing a provider.

How Merchant Advice Service Can Help

Understanding and implementing PCI DSS is crucial for every business that handles card transactions. Failing to meet the standard can lead to serious data breaches and hefty fines. Two requirements matter most in practice: restrict access to cardholder data to those who need it, and store as little of it as possible, rendering any stored primary account number (PAN) unreadable and never retaining sensitive authentication data such as the CVV after authorisation. Regular validation, through Self-Assessment Questionnaires (SAQs) or an annual Report on Compliance and quarterly external scans, is essential to maintain compliance.

Failing to restrict physical access to sensitive data, to encrypt cardholder data sent over open public networks, or to track and monitor all access to network resources and cardholder data exposes the business to significant risk. Remember that each card brand also has its own programme requirements that must be met. Compliance is not just about avoiding penalties; it is about protecting your customers and your business.
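As an added example (not code from this page or from Merchant Advice Service), the Python below shows two controls that sit behind the requirements just described: rendering a PAN unreadable for display by keeping at most the first six and last four digits, and scanning application logs for full PANs or sensitive authentication data that should never have been written there. The log lines are constructed for the example and 4111111111111111 is Visa's public test card number; the field names in SAD_RE are assumptions about how such data commonly leaks into logs, not a PCI SSC list.

```python
import re
from typing import List, Tuple

# Constructed sample log lines for this example (not from any real system).
SAMPLE_LOG = """\
2024-03-01T10:00:01Z INFO checkout ok order=1001 pan=411111******1111
2024-03-01T10:00:02Z DEBUG auth request order=1002 pan=4111111111111111 cvv=123
2024-03-01T10:00:03Z INFO settlement batch ref=12345678901234 total=42.00
"""

# A run of 13-19 digits not embedded in a longer digit run: the length range of a PAN.
PAN_RE = re.compile(r"(?<!\d)\d{13,19}(?!\d)")
# Assumed field names under which sensitive authentication data tends to leak.
SAD_RE = re.compile(r"\b(cvv2?|cvc2?|cav2|cid|track[12]?|pin)\s*[=:]\s*(\S*)",
                    re.IGNORECASE)


def luhn_valid(digits: str) -> bool:
    """Luhn checksum used by card numbers; filters out most non-PAN digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep at most the first six and last four digits, the display masking PCI DSS permits."""
    digits = re.sub(r"\D", "", pan)
    if not (13 <= len(digits) <= 19) or not luhn_valid(digits):
        raise ValueError("not a plausible PAN")
    return digits[:6] + "*" * (len(digits) - 10) + digits[-4:]


def scan_log(text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, finding type, value) for each unmasked PAN or SAD field."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for m in PAN_RE.finditer(line):
            if luhn_valid(m.group(0)):      # a 14-digit order reference fails this
                findings.append((lineno, "PAN", m.group(0)))
        for m in SAD_RE.finditer(line):
            findings.append((lineno, "SAD", m.group(1).lower()))
    return findings


def redact_log(text: str) -> str:
    """Mask Luhn-valid PANs and blank SAD values so the log can be retained."""
    def mask_match(m: re.Match) -> str:
        s = m.group(0)
        return mask_pan(s) if luhn_valid(s) else s

    out = []
    for line in text.splitlines():
        line = PAN_RE.sub(mask_match, line)
        line = SAD_RE.sub(lambda m: f"{m.group(1)}=[REDACTED]", line)
        out.append(line)
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    for lineno, kind, value in scan_log(SAMPLE_LOG):
        print(f"line {lineno}: {kind} {value}")
    print(redact_log(SAMPLE_LOG))
```

Run against the sample, the scan flags only line 2 (a full PAN and a CVV field); the masked PAN on line 1 and the non-Luhn reference number on line 3 are left alone. Redaction is a containment step, not a substitute for fixing the code path that logged the data: a log that ever held full PANs or CVVs is itself in scope for the assessment until it is purged.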

Merchant Advice Service is dedicated to helping you understand these complexities. We offer guidance to ensure your business complies with PCI DSS, helping you avoid unnecessary expenses and enhance your data security measures. Visit our blog page for more advice and insights into navigating the world of PCI compliance.


Libby James

Libby James co-founded Merchant Advice Service alongside David Bird in 2016. Her finance background, coupled with retail and customer service experience, gave Libby the drive to bring transparency and unbiased advice to the world of merchant services. Having come from the heavily regulated mortgage and insurance industry, Libby found it puzzling that other financial sectors lacked regulation and transparency, leaving customers confused and unable to make informed decisions when it came to accepting card payments. This was soon to become Libby's obsession!

With the help of some of the industry's best, Libby began to research acquiring banks, complex terminology and regulation, and the problems customers experience in the merchant services and payment gateway markets. She spent years sourcing solutions for complex clients whom others had previously been unable to assist. Libby established relationships with brokers and banks which would soon form the cornerstone of Merchant Advice Service. As a result, Libby has been featured in high-profile publications across the web.

Libby is proud to be the entrepreneur’s champion, supporting start-up businesses regularly. Her industry insights can often be found on LinkedIn where she provides free of charge advice and money saving pointers. It’s safe to say she has her finger on the pulse of everything card payments related.

Libby speaks of her experience in founding and running Merchant Advice Service…

‘Merchant Advice Service is one of my greatest achievements to date. We help business owners to overcome card processing issues which can become detrimental to their business. We assist SMEs in finding suitable card payments solutions, helping them create their vision. Each and every day is different, exciting and fulfilling. As technology advances I can’t wait to see the way in which the merchant services market advances, and I’m pleased that our business will play a part in educating company owners along the way.’
