PCI DSS Compliance - Don't End Up Carrying the Costs
The harsh reality is that the onus is on retailers to comply with the PCI DSS regulations, and it is retailers who face the cost of non-compliance - not their suppliers. Don't end up carrying unnecessary costs.
The bottom line for any retailer is the cost of becoming compliant versus the risk of not being compliant in the event of a security breach in any of the processes (including those of their suppliers) of taking payment through to settlement.
The PCI council has set out a number of documents to help retailers assess what level of compliance they require, and in some, if not most, cases it is possible to complete one of four levels (A, B, C and D) of Self-Assessment Questionnaire that will provide self-certification. It is crucial that the level is defined, as the difference between them has a significant effect on cost; in particular, the difference between C and D represents some 80 controls and 200 questions, with the biggest impact on cost being that for level D you must complete external penetration tests on a regular basis.
This can make a difference of tens of thousands of pounds to gain compliance, and it is an annual requirement. Consequently, the higher the level of compliance that your supplier has, the less it will cost you to become compliant. But beware - a supplier is either on the PCI list or it is not: "compliant ready" means nothing in the PCI world, and even if a supplier is on the list, it is how you as the retailer implement its systems into your own process that will be assessed for your overall compliance.
Here are practical steps that will help you assess where you are in the pecking order: the PCI council's publication "10 myths about PCI" is an essential read, and our simple "What flavour of PCI are you?" guide will help you define which questionnaire you need to complete.
By working with Vodat International, you can reduce your PCI compliance costs to an absolute minimum. All transactions that are passed over our network and through our data centres are guaranteed to comply with PCI and ISO27001 as part of our VIP-Transec service.
Is your UK retail business spending too much time and money on PCI DSS compliance? Lower your PCI compliance costs quickly and get guaranteed compliance with PCI DSS and ISO 27001 by calling Vodat International on 0161 406 1820 or contact us by e-mail.