Monday, February 19, 2007

PCI Fines and Compliance Dates - Hot topic

March 31, 2007 - must complete attestation, signed by an officer of the corporation, stating that no: Track data, PIN block data, or CVV2/CVC2 data is stored — else fines of $10,000 per month.

Sept. 30, 2007 - must be compliant or monthly fines of $5,000 are levied.

Dec. 31, 2007 - must be compliant or monthly fines of $25,000 are levied.

It has been almost 2.5 years since the original deadline for compliance on September 30, 2004. Companies that have not met the compliance requirements are in for a rude awakening. Hopefully you started the process long ago and are just finishing up now.

They can still revoke your ability to accept cards as payment which is a double whammy and pretty careless given that you can get a solution end to end (including documentation) for $100-150,000 USD.



Blogger Xander said...

What Level Merchant does your 'solution' apply to? I've found that companies differ greatly in their size and needs.

Saying you have a $100k solution is like saying I have a $100k t-shirt; you still don't know if it fits.

12:42 AM  
Blogger rd said...

Do you have any information on the amount of fines levied year to date 2007 by the associations for PCI related breaches? Any information will be helpful.


1:34 PM  
Blogger dotty said...

It is nice to know the truth.


Wow, check out this site called
. Free SMS and free mobile ads!! Its fantastic

4:00 AM  

Post a Comment

<< Home