Continue to Site

    PCI Compliance: What Operators Need to Know

  • Industry News February 25, 2009
    Retailers are staring down the barrel of deadlines for PCI DSS Compliance (July 1, 2010) and a lagging economy. Many multi-location retailers believe that they will need to invest tens of thousands of dollars per POS, in most cases purchasing new equipment, renegotiating processing contracts, and dumping heavy investment in IT resources, which is a daunting prospect in any economy. Also, retailers linked to locations that use disparate POS solutions may foresee a rockier road.

    Fortunately for retailers, there are a handful of companies that have developed PCI Compliant solutions that work with a vast array of POS terminals, software, and middleware, and also link to multiple processors.

    For retailers, this means a flexible, low-cost solution that will enable them to keep their existing processing relationships.

    Just in case this seems a little complicated, retailers that are not PCI DSS Compliant by the published dates will lose the ability to accept credit cards. That is a business decision very few people are willing to make.

    "Many retailers are recalcitrant to explore PCI updates, because it can seem almost like a Pandora 's Box," says Sam Bellamy, COO of FreedomPay. "Data encryption, point of sale updates, software reviews--this can all seem overwhelming. The key to cost-effective compliance is picking a trusted partner that can work with your infrastructure (and not vice versa), is respectful of cost restrictions and understands what the future of compliance looks like. Too many vendors try to force a specific and costly solution on companies."

    "In addition to PCI Compliance, vendors should also have extensive processing and payments experience. We have found that clients undergoing PCI review leverage 'going under the hood' so to speak and take stock of their processing relationships and actually save money," Bellamy says.

    Read More