If you are a small to medium business that takes card payments, then you have probably heard the term PCI Compliance, or PCI DSS. You may also be wondering what it is, why you have to pay for it, and whether or not it is a legal requirement. Rest assured you are not alone! In fact, in the world of card payment processing, confusion around PCI Compliance is probably the most common annoyance for customers. So let's dive right in and get to the bottom of it.
PCI DSS stands for Payment Card Industry Data Security Standard.
In simple terms, it is a set of security standards that helps maintain a secure environment and applies to ALL UK companies that accept, process, store or transmit credit card information.
No. You are not required by UK law to be compliant; however, card payment providers make it a contractual obligation when customers enter into an agreement with them. So regardless of the law, it is still mandatory.
Most card payment providers charge a monthly PCI management fee which usually ranges from £3-£6.
Yes. When signing a contract with a card payment provider you will also be agreeing to pay fines if and when you ever fail to be compliant. These fines can vary depending on business size, the length of non-compliance and any other breaches that may have occurred.
If you are new to taking card payments, your card payments provider should reach out to you within the first few weeks of your agreement to encourage you to become compliant. If you are already taking card payments but are not sure if you are compliant, we recommend a quick call to your provider to double-check. Becoming compliant involves going through a series of measures and tick-box exercises to give an overview of your business and how it will manage various risk factors when it comes to accepting card payments. How long this process takes differs from business to business and can sometimes take a few hours to complete. Most card payment providers will offer a service whereby they can assist with becoming compliant for a fee.
At Specialist Payments, we understand how time-consuming becoming PCI Compliant can be. To make our customers' lives simpler, we partner with a leading UK card payments provider that has a PCI Compliance process which can be completed in a matter of minutes. That way, you can spend more time doing what you do best and running your business.