PCI DSS - How much does Compliance Cost?
It is understandable that organisations want to know how
much PCI DSS is going to cost them. Unfortunately, there is no
one price that fits all.
The cost of PCI DSS compliance will be determined by a number of key factors.
In Nettitude’s experience, these factors include:
- How does the merchant/service provider interact with card data?
- Does the merchant/service provider take transactions online?
- Does the merchant/service provider operate a store network?
- Does the merchant/service provider operate mail order facilities?
- Does the merchant/service provider take card data through a contact center?
- Does the merchant/service provider store card data?
- Is it possible to segment to reduce scope?
- Is it possible to outsource payment processing?
- How many card transactions does the merchant/service provider process?
- How large is the card data environment?
- What investment has been made in IT Security historically?
- Does the organisation have a formal Information Security policy?
Becoming compliant with the PCI DSS can start at as little as a few hundred pounds for small
retailers and grow to many thousands of pounds for larger organisations that have complex
interaction with payment card data. Nettitude has extensive experience with the
Payment Card Industry Data Security Standard and aims to reduce risk in all client engagements.
By reducing risk, it is possible to reduce scope. By reducing scope, it is possible to
achieve compliance more cost-effectively and in shorter timescales.
When organisations include the cost of lost business and reputation into the equation,
these costs can spiral to even greater heights.
The PCI DSS has a series of requirements that define good security practice for merchants and
service providers. Although there is no such thing as 100% security, becoming PCI DSS compliant
should reduce your risk and exposure to card fraud.
To find out more about PCI DSS, and some of the common mechanisms deployed to achieve compliance, please complete our contact form and a consultant will respond to your enquiry.