
Survey reveals businesses confused, unconvinced by PCI DSS

By Kristen Lawrence

24/02/2010 – A significant number of businesses are confused by the PCI compliance requirements, according to a recent survey, a situation that poses serious risks to payment processing security for both consumers and merchants.

A survey conducted by Practical eCommerce found that 11.8 percent of businesses surveyed admitted they do not understand the PCI DSS requirements.

One respondent wrote in that he or she understood the PCI DSS “more or less,” but added that “some requirements are nearly impossible to meet, especially for small business.”

The survey also found that a third of respondents believe the standards are “confusing and a waste of money,” though 37.8 percent said they were “helpful and necessary.”

“It’s an attempt at making things more secure, but its implementation is causing more confusion and resentment than it’s helping for SMBs,” one respondent wrote in.

Furthermore, when asked if the PCI standards help keep consumers’ credit card information more secure, 43.1 percent of respondents agreed, while 23.5 percent said no and 33.3 percent were unsure.

While PCI compliance may seem burdensome, especially for small businesses, the consequences of noncompliance are even more burdensome and expensive – the costs of a payment processing security breach can be astronomical, not to mention the damage to a company’s reputation.

 