The new security standards released by Visa, MasterCard and other firms are expected to impact merchants that accept payment from customers through credit card as well force a customer to pay administrative and operational costs.
As per the Payment Card Industry (PCI) Security Standards Council rules, which are framed to make credit cards more secure, merchants will need to equip a firewall separating consumer credit card information from remaining business network from 1 January 2014, reported Inc.com.The new PCI rules are aimed to reduce cyberattacks against merchants by improving credit card security.
Furthermore, merchants should identify and authenticate access to the system, examine security systems and processes, apart from restricting access to the cardholder portion of their networks.
Overseeing and keeping track of all access to network resources and cardholder data as well as issues of card holder information security also remain vital for merchants under the new rules.
In addition, merchants are required to avoid vendor default passwords for systems, while protect systems against virus by updating regularly with required hardware and anti-virus software.
Meanwhile, Research firms Gartner and Ponemon Institute estimate that businesses need tens of thousands to hundreds of thousands of dollars to comply with PCI standards every year depending on their transaction volume and size.
In the event of non compliance with PCI standards, merchants could face a monthly fine between $5,000 and $100,000, subject to their size.