Click to show/hide contact information.

PCI-DSS: Security - Penalties

What to Know
Penalties for PCI non-compliance

Fines can be levied by payment card brands of up to $500,000 per incident for security breaches when merchants are not PCI compliant.

In addition, it is required that all individuals whose information is believed to have been compromised must be notified in writing to be on alert for fraudulent charges. As such, the potential cost of a security breach can far exceed $500,000 when the cost of customer notification and recovery is calculated.

Potential cost of a security breach
  • Fines of $500,000 per incident for being PCI non-compliant
  • Increased audit requirements
  • Potential for campus wide shut down of credit card activity by our merchant bank
  • Cost of printing and postage for customer notification mailing
  • Cost of staff time (payroll) during security recovery
  • Cost of lost business during register or store closures and processing time
  • Decreased sales due to marred public image and loss of customer confidence