It is a requirement that all businesses must renew their PCI DSS certificate on an annual basis in order to remain compliant and avoid non-compliance fees from the acquirer.
Payment Card Industry Data Security Standard (PCI DSS) is a global security initiative designed to protect your business, your customers and the banks. Created by the major card schemes, PCI DSS is a set of mandatory requirements that apply to all businesses taking credit and debit card payments, regardless of their size or transaction volume.
When a customer makes a card payment face-to-face via a chip and PIN machine, over the phone or online they are entrusting your business with their financial and personal information. Equally, you’re trusting them to be the legitimate cardholder and be exactly who they say they are.
Every business that accepts, transmits or stores important cardholder data must be compliant to ensure processing and storage is secure, protecting against fraud and other financial crime. Being compliant will not stop fraudsters targeting your business, but it will place you in the strongest position to prevent an attack and avoid the financial and reputational damage that can occur as a result.
We recommend that all merchants comply with PCI standards, as it gives advantages to businesses of all sizes, including: Increased peace of mind over data security, a demonstrable high regard of customers’ security and an essential component of any vulnerability management plan.
Failure to comply could result in financial penalties in the event of data compromise from within your organisation. If you are unable to demonstrate PCI DSS compliance, you may be liable for any losses that arise.