Monday, February 19, 2007

PCI Fines and Compliance Dates - Hot topic

March 31, 2007 - must complete an attestation, signed by an officer of the corporation, stating that no track data, PIN block data, or CVV2/CVC2 data is stored, or else face fines of $10,000 per month.

Sept. 30, 2007 - must be compliant or monthly fines of $5,000 are levied.

Dec. 31, 2007 - must be compliant or monthly fines of $25,000 are levied.

It has been almost 2.5 years since the original deadline for compliance on September 30, 2004. Companies that have not met the compliance requirements are in for a rude awakening. Hopefully you started the process long ago and are just finishing up now.

They can still revoke your ability to accept cards as payment, which is a double whammy and pretty careless given that you can get an end-to-end solution (including documentation) for $100-150,000 USD.

Mark

3 Comments:

Blogger Unknown said...

What Level Merchant does your 'solution' apply to? I've found that companies differ greatly in their size and needs.

Saying you have a $100k solution is like saying I have a $100k t-shirt; you still don't know if it fits.

12:42 AM  
Blogger rd said...

Do you have any information on the amount of fines levied year to date 2007 by the associations for PCI related breaches? Any information will be helpful.

Thanks!

1:34 PM  
Anonymous Anonymous said...

It is nice to know the truth.

..............
Danu

Wow, check out this site called www.fluc.com. Free SMS and free mobile ads!! It's fantastic

4:00 AM  
