60% of Merchants are Unaware of The Costs They Would Incur for a Data Breach

| By:

Posted on January 12, 2011 at 8:34 PM

The process is so routine, that you may not give it any thought. Customer enters your store, purchases an item using a credit card, and the funds are deposited in your bank account a day or two later. Your terminal for swiping cards never gives you any problems and your customer service representative is a pretty nice guy. And then one day you have a data breach…….

A data breach, regardless of how it happened, is your liability. According to the 2009 U.S. Cost of a Data Breach Study by the Ponemon Institute, the average cost for merchants coping with a data breach in 2009 was $6.7 million. $6.7 Million!

That National Retail Federation(NRF) and First Data have just published a study that indicates 60% of merchants are unaware of the costs they would incur for a data breach and 64% believe their businesses are not vulnerable to credit/debit card data theft. The numbers are alarming and it sheds light on a problem that merchant processing salespeople face these days. Many business owners have been told at one point or another that their credit card machine is old, non-compliant, or requires an upgrade. This can come off sounding like a cheap sales pitch, especially after being informed that the upgrade involves some kind of fee.

Heed their words. Payment Card Industry Data Security Standard(PCI DSS) compliance is mandatory and you can be hit with fines for a violation. Business owners are required to perform a Self-Assessment Questionnaire(SAQ) once a year. If you’ve never performed one or aren’t familiar with it, you can pick up instructions and questionnaires on the PCI DSS website. (https://www.pcisecuritystandards.org/merchants/self_assessment_form.php)

Protect your customers. Preach it, don’t breach it.



Last modified: August 31, 2011
Sean Murray

Category: Merchant Processing, MPR Authored

Home Merchant Processing, MPR Authored › 60% of Merchants are Unaware of The Costs They Would Incur for a Data Breach