New PCI data security rules coming in 2010 and threats of fines loom over web retailers
by Don DavisMark Wilson thinks it`s important to guard his customers` credit card numbers. But without an information technology specialist at his small online retail business, Night-Gear Inc., he had about given up on achieving compliance with the PCI security standards designed to protect cardholder data.
After months of notices from a security service that his site did not meet the requirements of the Payment Card Industry Data Security Standard—notices he struggled to comprehend—Wilson was prepared to go on paying the small monthly fines his processor assesses non-compliant merchants.
Then he received an e-mail saying his site had passed the PCI scanning test. "It was a bizarre," Wilson says. "We get this congratulatory letter saying, `You`ve done it.` Well, what have we done?"
Continue Reading at Internet Retailer.com
