Compliance

PCI DSS

Payment Card Industry Data Security Standard: the compliance framework all card-accepting merchants must meet, with penalties for non-compliance.

PCI DSS is a set of security requirements established by the PCI Security Standards Council (founded by Visa, Mastercard, Amex, Discover, and JCB). Any business that accepts, processes, stores, or transmits cardholder data is required to comply.

Compliance is validated via a Self-Assessment Questionnaire (SAQ) for most small to mid-size merchants, or a full Qualified Security Assessor (QSA) audit for large merchants or those who store card data. The applicable SAQ type depends on how your business accepts cards.

Non-compliance penalties are significant: processors can charge $5,000–$100,000/month in fines passed down from the card networks. After a data breach, non-compliant merchants face much larger liability, potentially millions in breach costs, issuer reimbursements, and forensic investigation fees.

The most important PCI requirements for small merchants: never store CVV/CVV2 after authorization, use an EMV-capable terminal (prevents liability for counterfeit card fraud), keep your terminal software updated, use a PCI-compliant payment gateway, and complete your annual SAQ.

What this means for your business

Many processors charge a monthly "PCI non-compliance fee" while making the actual compliance process difficult to find. Complete your SAQ and the fee goes away. Use it as a negotiation point to have it waived entirely.
