Why is Barclaycard putting so much pressure on me to become PCI DSS compliant?
We are actively promoting and supporting good payment security practice across our customers, partners and suppliers. In this, we’re committed to supporting all our customers, and reminding them of their responsibilities in respect of protecting cardholder data. All card acquirers (also known as payment processing companies) have the same responsibility to report to the Card Schemes (e.g. Visa and Mastercard) on the status of their customers’ PCI DSS compliance. The Card Schemes can investigate any merchant from the reports that we submit, and they are able to levy non-compliance penalties as a result. On top of these penalties, there can also be data compromise penalties and fraud costs associated with any breaches in payment security.
Validating, evidencing and communicating your compliance with the PCI DSS shows that you have taken all reasonable steps to protect the cardholder data to which you and your third parties have access. Undertaking the compliance process also helps you to improve your internal processes and work more securely.