PCI DSS Plan
2010

My small business accepts credit cards. Paid a company so I would be PCI DSS compliant. Is this required?
My small business accepts credit cards when we travel to trade shows around the country. Last year I was contacted by e-mail and told that I needed to purchase a plan from a company to protect the information from my customers. They said I needed to be PCI DSS compliant. Is this a scam? Is this something I should keep doing? How does something like this protect anyone? As I recall the cost was several hundred dollars. It is time to renew, and I want to be sure that this is legitimate.
Is your company big enough that you have to worry about one of your employees stealing a customer’s information? In all honesty, for a small business where only a select few have access to such info, this is something I would not delve into.
I personally when taking orders have not ever had one customer ask me if I used any type of insurance protecting their information from being stolen.
So unless you have a company large enough that you do not personally know your people that are accepting the credit card info (and afraid they will steal it for whatever reason) I wouldn’t worry about it right now.
Also, if you want to use that as a “hey customer, we have this in place to protect you” to help your business, then do it.
I personally do not use this service as my company isn’t big enough that I don’t know who I employ personally and I have yet to have a customer inquire if I am insured if their info is stolen through my company.
Also, I would tend to steer away from an unsolicited email proposing to sell me the program. If you didn’t request that information, then that is one of those emails that hope they can get your business.
Go to Google and type in “PCI DSS” and you will find lots of legit companies that will be able to provide you the insurance you need.
It is NOT a law anywhere that you must have this. It does protect a company if someone runs off with all your customers’ information. Also, when you search Google or Yahoo for the above term, do not just go by the first few results; those are paid to be there, which is fine. But ALWAYS compare a few of the companies and then go to the BBB online to further investigate to be sure you are safe.