Why is it important to be PCI compliant?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of rules and regulations around credit cards, sensitive payment data, and other identifiers. Merchants are subject to $25+ fines per card leaked, suspension of merchant privileges, and mitigation costs that could skyrocket into millions of dollars for even a small data breach.
80% of customers will leave a brand after a data breach. *
Only 52.5 percent of companies held full compliance in 2017. *
Companies such as Target, Wendy’s, Chipotle, GameStop, and Yahoo have had user accounts, customer identification, and payment card information stolen from their systems.
It is important for customers to know that their data is being protected, because many businesses are susceptible to data breaches at their customers’ expense. Read on for the benefits that PCI compliance brings to your company’s security and risk mitigation.
1. DECREASED RISK OF SECURITY BREACHES
Simply locking your physical doors at night is not enough to keep your business safe anymore. Businesses are no longer just physical places, but virtual ones that can be accessed, and breached, anywhere at any time from multiple devices. With the compliance regulations in place today, it’s time to get some new locks that monitor all of the channels through which your customers engage with your business. These locks come in the form of access control, compliance procedures, two-factor authentication, and many other processes that will keep your data and your customers’ data safe, wherever it may be.
PCI compliance isn’t just about checking off a list of guidelines; it’s a very real and proven way to protect your data and your customers’ data from outside attacks. In fact, a recent Verizon study found that compliant businesses are 50% more likely to successfully withstand a breach.
2. PEACE OF MIND
With breaches much less likely to happen, you’ll have one less thing to worry about in the daily course of running your business. You’ll appreciate this peace of mind, and over time, your customers will, too (see the next benefit).
3. BOOST IN CUSTOMER CONFIDENCE
Would you patronize a business if you knew it was likely your credit card information could get stolen? I know I wouldn’t. Consumers may not currently understand every detail about what it means to be compliant, but with many public breaches in the news, awareness about the issue is growing. It’s only a matter of time before customers see PCI compliance as a sign that your business follows best practices. Customer confidence can really affect your brand and your bottom line. People are less likely to spend money with your business if they don’t feel confident you’re keeping their data safe. Two-thirds of US adults wouldn’t return to a business after a data breach.
4. DATA BREACHES ARE EXPENSIVE
Data breaches can cost you a ton in both money and customer confidence. There’s the cost of replacing credit cards, paying fines, and paying compensation for what the customers have lost, not to mention investigation costs and audits on the business side. It can add up pretty quickly.
Here’s a list of average costs your business could sustain in a data breach:
• Merchant processor compromise fine: $5,000 – $50,000
• Card brand compromise fees: $5,000 – $500,000
• Forensic investigation: $12,000 – $100,000
• Onsite QSA assessments following the breach: $20,000 – $100,000
• Free credit monitoring for affected individuals: $10 – $30 per card
• Card re-issuance penalties: $3 – $10 per card
• Security updates: $15,000+
• Lawyer fees: $5,000+
• Breach notification costs: $1,000+
• Technology repairs: $2,000+
• Loss of customer confidence: businesses often lose 40% of customers after a breach.
• Forensic investigation cost: $10,000-$100,000
So the total cost of even a small data breach could range between $77,000 and $875,000. Not to mention the loss of customer trust.
5. PROVIDES A SECURITY STANDARD
The PCI DSS provides a baseline of security requirements that help businesses know what to do and where to start on their security program. It instills confidence in your customers and partners that you take their security seriously and follow a guideline on how to handle their data.
Using the VoiceBase API, you can detect and redact PCI data from your recordings, transcripts, and analytics. More importantly, you can rest assured in VoiceBase, as we have built our entire system from the ground up to be secure, scalable, and reliable, and we are PCI DSS level 1 certified (the highest level of certification for securing online electronic transactions). We protect our customers from identity theft, account data threats, and payment card fraud.
Data sources: https://www.goanywhere.com/blog/2017/02/03/8-shocking-pci-compliance-statistics | https://enterprise.verizon.com/resources/reports/2018_payment_security_report_en_xg.pdf | https://www.ibm.com/security/data-breach | https://www.ispartnersllc.com/blog/pci-non-compliance-fines-consequences/ | https://www.cybintsolutions.com/cyber-security-facts-stats/ | https://www.forbes.com/sites/forbestechcouncil/2017/12/08/mind-the-trust-gap-how-companies-can-retain-customers-after-a-security-breach