Learn about PCI compliance fees and the Payment Card Industry Data Security Standards. Discover what they are, how they vary, and how Swipesum helps you stay compliant at no cost. Protect your business and avoid penalties.
.jpg)
As a business owner, you’re assuredly concerned with your security. If you’ve got brick-and-mortar stores, you want to ensure that goods are locked, the store has trustworthy employees and you’ve got the processes in place that employees can easily follow to keep your store secure. You’ve also got electronics policies that help ensure your point-of-sale and other systems are secure. What are you doing, however, to keep your customers’ information protected against hackers and thieves?
That’s what PCI - or Payment Card Industry - compliance is all about. While not technically required by law, PCI compliance is a crucial way that customers, other businesses and your banking partners know that you’re handling information securely. Here, we’ll look at what PCI compliance is, what it can do for you and why being compliant is such a good idea.
Curious about PCI compliance? Swipesum provides information on PCI in account approval emails, during onboarding, and after onboarding. We provide links and information for video tutorials that lead you through the questionnaires to get compliant. Book a free consultation today.
PCI stands for Payment Card Industry and compliance with it means that your business has achieved and continues to follow the Payment Card Industry Data Security Standards. In the simplest terms, PCI are a series of standards that establish what a merchant or business needs to do to ensure they’re handling credit card information appropriately. By completing the Data Security Standards Process, businesses are proclaimed to be PCI compliant. So what does that actually mean?
There are 12 major steps to ensure PCI compliance.
The policy boils down to a series of fairly simple security measures that any card processor or business handling payment card information should be able to easily follow. The goal of the requirements is to protect customer data and the requirements are meant to be adopted broadly.
Payment card companies care a great deal about ensuring merchants are handling information securely - but why? Two main reasons. First, credit card companies are generally on the hook for covering fraudulent charges that are on their customers’ accounts. In fact, it’s become a staple of most credit cards and one of the many reasons it can sometimes be smarter for customers to use credit instead of debit. The second reason is that they want to keep their customers happy broadly and so should you!
PCI Compliance is essential for any business accepting cards or handling credit card data, and while it protects customer information, it often comes with associated fees. Here's a breakdown of what to expect:
Many payment processors charge PCI Compliance Fees, each provider has different pricing as they mark up their actual costs. This fee is to help businesses meet the Payment Card Industry Data Security Standard (PCI DSS). These fees can vary widely:
- Worldpay charges monthly fees starting at $30.00 per month.
- Elavon charges $74.99 per month.
These fees may be included in your overall processing costs or appear as a separate line item on your invoice. Swipesum, however, offers PCI compliance support at no additional cost, helping merchants avoid these fees.
If your business isn't PCI compliant, you might face Non-Compliance Fees, ranging from $10 to $100 per month. These penalties encourage businesses to achieve compliance quickly.
Additional Compliance Costs
Other potential costs include:
- SAQ (Self-Assessment Questionnaire): $0 to $200
- Vulnerability Scanning: $100 to $200 per IP address
- Employee PCI Training: $70 per employee
- Remediation: $100 to $10,000 depending on the work needed
Depending on your business size, PCI compliance can range from $1,000 to $50,000+ annually, with large enterprises potentially paying much more.
Swipesum's PCI Advantage
Swipesum simplifies PCI compliance by offering these services at no extra charge, helping businesses stay compliant without added costs. Investing in PCI compliance is crucial to avoid penalties and protect your business from data breaches.
Generally, your merchant account provider will offer PCI compliance services. There is likely a fee for this service but it can take some of the headache out of managing things yourself. Additionally, you can hire consultants to assist you with PCI compliance. You can also do it yourself, at no cost. All you have to do for PCI compliance is complete and file a self-assessment questionnaire each year along with records of the scans that are required of your payment network. There may be some additional paperwork required but it should all be relatively straightforward for businesses to complete.
You’ll then sign an attestation form that you agree to remain compliant and that’s it! You’ll get a nice certificate. For most small businesses, this is sufficient and as long as you continue meeting requirements, you won’t have any issues. If you’re a larger business and fall into a higher “compliance level,” you may have to submit your network to security scans by an approved vendor.
Compliance levels are based on the number of transactions you process in a given year.
If you’re a small business or perhaps doing some sales on the side, you can see that you likely fall into Level 4. Many medium sized businesses, restaurants, bars and other businesses you may find around town, likely fall into PCI Level 2 or 3. Level 1 is usually reserved for very large companies.
There are a few things to keep in mind when you’re determining your compliance level, getting PCI compliant and holding on to that designation.
Your payment processor should have fairly robust reporting tools that allow you to see how many transactions you’ve processed. Get a firm understanding of this number and ensure you apply appropriately. Being too low can result in fines. Being too high means you’re paying for things you don’t need to.
Security of your customers’ information should always be right on the top of your mind. It’s good business and bad data privacy policies can lead to some very expensive lawsuits.
PCI compliance can be confusing. Determining your level, understanding what you actually need to do - and most importantly, what you don’t - and keeping those programs running can be time consuming and expensive if you do things wrong.
Swipesum can help. Our proprietary software helps analyze your transactions to determine where fees might be bogging your business down. Our consulting services are designed to help you maximize your time running your business, not filling out paperwork.
Swipesum provides information on PCI in account approval emails, during onboarding, and after onboarding. We provide links and information for video tutorials that lead you through the questionnaires to get compliant.
RECOMMENDED
HELPFUL CONTENT
Sydney Stribrny
Sydney is a rising senior at Washington University in St. Louis studying Media and Marketing. As Swipesum's Creative Director, Sydney creates, designs, and develops strategies for Swipesum's content. In her free time, she enjoys running, watching movies, and cooking.
Read moreRequest a CONSULTATION
Meet one of our payment processing experts to see if working together makes sense.
We will schedule a quick consultation call to go over how you're currently handling merchant services, and present a proposal at no cost.
By submitting this form you agree to receive information about Swipesum product updates via email as described in our Privacy Policy and Terms & Conditions.
