Payment Card Industry (PCI) Compliance

Anyone accept credit card payments? There's an annual PCI (Payment Card Industry) compliance we have to do every year. This year they require a scan of my system (which consists of a cable modem and a POS terminal), and it looks like they charged me a fee of $140 that was automatically deducted from my bank account. I wasn't aware of the fee, and there is no disclosure anywhere on the website before the scan. I think this is a rip-off and intend to do something about it. Anyone experiencing a similar situation?

Thanks for visiting FatWallet.com. Join for free to remove this ad.

Who is the 'they' in the third sentence? Is it a company you've contracted with to do a PCI audit? What do the terms or the contract that you signed with them say?
Depending on the size of your business a security scan and penetration test may be required.

Seems like you signed up for PCI compliance with a company that certifies that your infrastructure complies with PCI. If so, did you sign up for the service on your own? If not, then maybe your credit card processor did it on your behalf and is now billing you for that service. They don't have to tell you when they're doing the testing because the purpose is to do it randomly. I haven't worked on PCI-related matters for several years now, but I recall that they'd charge higher rates or an annual penalty for non-PCI compliance.

This is standard PCI compliance for any company that uses a type of 'Online payment' where the program resides on their server.

It's normal, and you definitely were notified by your processor of this fee. But as a year goes by, employees change or people forget that this happens yearly.

A past employer stored credit cards in an insecure manner on their system. (And still does to this day as far as I know.) The previous manager would lie on the questionnaires and make it "sound like" we were compliant. I did not want to do this once I was in charge, so questionnaires were not filled out and we simply paid some small fee for not doing PCI compliance. From what I remember it was between $75 and $150 (per year?). I'm not sure if that fee would scale for larger companies, but we ran between $500K and $1 million per year in credit cards.

(FYI: I did manage to decrease the number of cards stored insecurely, but there is only so much you can do when the problems come from the very top. Note that I chose to move on from that company.)
