The Cost of PCI Compliance


I am the first one to agree that our credit card information must be kept secure, and that the equipment that collects that data in parking operations must be designed so that the numbers can’t be viewed by outsiders. I also agree that Visa et al. have a responsibility to their customers to ensure that data is as safe and secure as possible.

All that having been said, the mind boggles at what has been required of our vendors by the credit card suppliers. One supplier told me the other day that it costs them over 100 grand a year just to do the paperwork required. Another noted that the cost of simply being approved was six figures. And of course that only covers the cost for a certain set of software. If you have an upgrade, then you need to get approved all over again.

And guess who pays for all that…You do. If a manufacturer sells 50 systems a year that accept credit cards, then there is going to be another 3 to 4 thousand dollars each added on to cover just their costs to be compliant with the requirements of the credit card issuers.

AND guess what? It most likely is all for nothing. Here’s the dirty little secret. Credit card numbers are being stolen all the time. A clerk in a shop, a waiter in a restaurant, a pickpocket in an airport. They all steal credit cards and use them. The reason: the data on the card is extremely easy to copy, read, and then use. It doesn’t take rocket science, just a trip to Radio Shack and a soldering iron.

The only real solution is to have a PIN associated with your card, and that PIN has to be kept at a central, secure location by the credit card company. (Like the PIN on your cash card that you use to get money from the ATM.) Then, if someone steals your credit card, it’s useless, since they need to know the PIN, and the only place it’s known is in the bank’s secure database.

All the encryption, algorithms, and fancy software only bets that its writer is smarter than everyone else…And there is a 12-year-old out there that, let’s face it, is smarter than you.

Should our manufacturers continue? Of course, they have no choice. They also have no choice but to pass the cost of the PCI compliance along to you.

JVH


John Van Horn
