What is PCI Compliance? Why does it apply to me? What are the Risks? What are the costs? How can I protect my buisness???
The figures are astounding:
• Fines – Visa fines as high as $100,000 per month and fines up to $500,000 per data breach (View Video).
• Brand Damage – A data breach will have negative impacts on your property’s reputation (View Video).
• Credit Cards Revoked – Severe security infractions can result in your hotel having it’s processing tools revoked (View Video).
• Lawsuits – Affected parties may choose to sue your property (View Video).
Does It apply to you? YES
The Payment Card Industry Data Security Standard (PCI DSS) applies to every organization that processes credit or debit card information, including merchants and third-party service providers that store, process or transmit credit card/debit card data. If you are one of the below levels, PCI Compliance is not a request, or suggestion, it is now a requirement.
Level 1
• Over 6 million credit card transactions per year
• Requirement: Annual on-site audit + quarterly network scans
Level 2
• 1 million to 6 million credit card transactions per year
• Requirement: Annual self-assessment + quarterly network scans
Level 3
• 20,000 to 1 million credit card transactions per year
• Requirement: Annual self-assessment + quarterly network scans
Level 4
• Less than 20,000 credit card transactions per year
• Requirement: Annual self-assessment + quarterly network scans
What Can You do?
SmartSuite Guarantees 100% PCI Compliance
Step #1 – Utilize our PCI Compliant SmartSuite Property Management Software
-Our SmartSuite Hotel PMS property management solution offers the efficiency of a hosted & centralized system, the flexibility of anytime anywhere access, the ease of a fully-integrated online reservation booking engine.
SmartSuite PMS is validated by Sage’s PCI compliance certificate.
Step #2 – Initiate Sages’s SAQ
Through our PCI compliance partner, Sage Systems, SmartSuite provides certified self-assessment and scanning methods to meet your PCI requirements. If you are not 100% compliant after using our solution we will refund your investment.
Contact SmartSuite for a Self-Assessment.
As an independent hotelier, what are the risks associated with choosing NOT to comply with PCI standards?
1)One of the risks is brand damage – a data breach will likely have a negative impact on your property’s reputation and erode the confidence of your customer base. This can obviously effect revenue and profits over the long term.
2)The second most notable risk is the direct financial penalty. Each credit card company has its own set of fines and penalties – each of which is designed to be very costly to your business.
In addition to the risk of direct fines from credit card brands like Visa, there is also the possibility of receiving financial levies from payment processors or merchant banks – these organization can also be fined by card associations and have the authority to pass fines along to individual hotels that are deemed responsible for any data breaches that occur.
What is the Cost?
Visa fines can be as high as $100,000 per month and up to $500,000 per data breach. The total cost of correcting a credit card data security breach is estimated to be between $90-$300 per card.
In the most severe cases, security infractions can result in your hotel having its ability to process credit card payments completely revoked or lead to law suits from the various affected parties.
