PCI Compliance – What you need to know

If you have a website that takes payment online, somewhere along the line you likely pay an annual fee for PCI Compliance.

PCI actually stands for Payment Card Industry, but for many it feels like it could also stand for “Pretty Confusing.”

So let’s avoid all of that confusion and get you the facts. Here’s what you need to know about PCI.

If you have a bank account tied to a payment processor for the purpose of accepting funds on your site, your payment processor likely provides the PCI compliance/scanning services.

Here at TKG, we work with a large company called First Data. They are pros at getting a client set up and serviced, and they make it easy for the customer and site provider to stay current on compliance. They work with multiple banks, so you are not tied down to keeping your account in one place.

As a vendor, it’s a necessary evil. To be successful online, you still almost have to accept cards as payment. To that end, PCI compliance has become quite an industry over the past several years.

There are now companies that will cold call you as a business and use scare tactics along the lines of “we completed a scan of your site and noticed that you are not currently protected, please contact us right away” or something similar. This approach always reminds me of the long-distance companies “slamming” people years ago, when all of a sudden people would start getting bills from another provider.

This is something to be aware of and watch out for. If you receive an “alarming” email or phone call regarding the security of your site – or specifically, PCI compliance – start with your payment provider. This would be the company that actually processes the “swiped” cards online, takes a fee and then deposits funds in your existing bank account. Most of these payment gateway services provide this type of PCI compliance (already in fees you pay them) as part of an annual service.

Most importantly, just know that these panic messages you might receive are not going to impede your business, so don’t feel the need to respond to their offer or request at that very moment. Confirm what services you might already have from your provider so you can likely avoid additional fees and annual hassle from an additional vendor.

As VP of Operations, Patrick (P-Dub to us) ensures operations run smoothly, clients are happy, AND the light bulbs come on around here. On the blog, he shares his 10+ years of experience helping to oversee a growing tech business.
