The leading card associations (Visa, MasterCard, American Express, etc.) have adopted comprehensive requirements for safeguarding cardholder data and have placed the burden on merchants to understand and follow these requirements to minimize any risk that cardholder data is stolen or misused.
This burden can become costly. In addition to the prospect of being sued by cardholders whose card information may have been stolen, merchants face the risk that card associations may fine them for any real or threatened data security breaches. The fines levied by Visa and MasterCard start at $10,000 for the smallest, unintentional data breach, and can climb to as much as $500,000. In addition, the card associations can require merchants to reimburse member banks for purchases made using stolen cards, for the replacement of stolen cards, and for the cost of expensive forensic audits.
Many data breaches are caused by the carelessness or dishonesty of an employee. Others result from computer savvy thieves hacking into a merchant’s network from the street corner outside or a remote location thousands of miles away.
Simply stated, no merchant is free from the prospect of a data breach – and a single data breach can be devastating to the merchant’s business and goodwill.
To minimize your risk, you are encouraged to begin verifying your compliance today, and we are here to assist you. This web site was created, as part of our Compliance Program, to help identify and support any remediation steps you may need to take, and provide you with educational resources to help answer any questions you might have about FACTA and PCI DSS compliance.