PCI Compliance – Part 1

https://squareup.com/guides/pci-compliance

I discovered this topic while I was researching last week’s blog post about Square. I wasn’t surprised that there are rules and regulations in place for online transactional services, but I certainly did not know how extensive these rules are.

PCI Compliance is a standard established by five big credit card companies to reduce bank data breaches. These rules are set so that organizations and sellers can “safely and securely accept, store, process, and transmit cardholder data during credit card transaction to prevent fraud and data breaches” (Square). There are different compliance levels, depending on total annual transaction volume, that also affect the fees that organizations need to pay. The burden of “maintaining compliance for all parts of the payment processing life cycle is on the sellers and organizations” (Square).

In my opinion, it seems unfair for an oligopoly of banks to issue a set of compliance standards that would disallow businesses from operating a credit card option for their customers. However, in an FIS class, having such regulations is a necessity given the sensitive nature of customers’ personal information. There is so much more history to the necessity of these compliances.

One thought on “PCI Compliance – Part 1”

  1. Interesting article! I don’t really like this oligopoly either, but do you think consumers are willing to accept that in exchange for security?
