PCI DSS compliance heads for UK in July

The enforcement of the data security standards that govern the payment card industry is beginning next month and experts believe that many UK businesses could face hefty fines as a result of non-compliance.

PCI DSS is being instigated by Visa from the start of July. As a result, the electronic point of sale (EPOS) and online retail sites operated by many of the smaller enterprises in the UK could come under scrutiny and be deemed inadequate under the new rules.

Larger businesses have until the end of September to ensure compliance with PCI DSS as the process of converting outdated systems is perceived to be lengthier and more complex within organisations of significant size.

Regulators have divided businesses into multiple tiers in order to separate those dealing with the most significant volume of transactions annually from those responsible for the least. The first-tier businesses are the largest, with six million or more payment card transactions channelled through them annually, while the fourth-tier enterprises handle fewer than 20,000.

Experts believe that Visa will start issuing fines to firms that have not ensured complete compliance as soon as the rules come into effect for that particular tier.

The acquirer will be fined by the payment card firm, and these fines and associated costs will be passed on to the non-compliant business, according to Barclaycard’s head of security, Neira Jones.

Smaller firms from tiers two to four are encouraged to ensure complete PCI DSS compliance, because any breach will not only result in direct fines but may also move them up the pile to be considered alongside tier one firms and their associated charges, which could have a long-lasting impact, according to data security expert Mathieu Gorge.

Some believe that smaller firms are being penalised under the new system, with security advisor John Walker suggesting that the limited understanding of PCI DSS rules among lower-tier UK businesses, and the limited explanation given to them, could result in fines and poor treatment for those who unwittingly break the new regulations.
