Bloomberg Anywhere Remote Login Bloomberg Terminal Demo Request


Connecting decision makers to a dynamic network of information, people and ideas, Bloomberg quickly and accurately delivers business and financial information, news and insight around the world.


Financial Products

Enterprise Products


Customer Support

  • Americas

    +1 212 318 2000

  • Europe, Middle East, & Africa

    +44 20 7330 7500

  • Asia Pacific

    +65 6212 1000


Industry Products

Media Services

Follow Us

Businessweek Archives

Compliance Advice for Merchants Who Accept Credit Cards

Compliance with the Payment Card Industry data security standards applies to every merchant, no matter how small, who accepts credit cards or debit cards branded by Visa, MasterCard, Discover, American Express, or any of the other major card brands. It is important that small businesses take PCI compliance seriously and follow the guidelines that have been mandated by the major credit-card brands. Small businesses should consider the following tips:

1. Don’t ignore it, even if you think you’re too small to be affected. Smaller merchants have a lighter paperwork burden than large organizations, but failure to comply can, and does, lead to legal and financial risk, up to and including the risk of having your card-processing privileges revoked, leaving your company unable to accept customer payment cards.

2. Know your obligations. PCI is a highly technical and broad-ranging set of security requirements, covering everything from how you configure and manage your computers to how you train and manage your staff. The best place for smaller merchants to start is to look at the official self-assessment questionnaires created by the PCI council. These don’t cover everything you need to know, but they do give you a quick sense of what you need to do and what to worry about most.

3. Know your real goal (security, not compliance). At the end of the day, PCI is all about helping merchants protect their customers, so you shouldn’t be looking to do the bare minimum. Merchants who concentrate on their customers’ safety will have a better business and less risk, and they will find that PCI success comes almost as a painless symptom of doing the right thing.

Dr. Tim Cranny


Panoptic Security

Salt Lake City

blog comments powered by Disqus