Re: PCI/Card Acceptance compliance?

    Nov 23 2008 14:50:54


    Walter K Stevens

    Hello, we have the same situation in the US. Same company recommended Security Metrics. I went as far as going through the recommended "Free" process and filling out the short form. The one where I state that I am a small business and do not retain Card User info.

    I have filled it out twice and received an online certificate that supposedly would satisfy my credit card provider. After numerous calls to SecurityMetrics, they seem to have provided my Credit Card provider with that information.

    I agree on the threatening letters and the extremely unclear requirements on whether you need to pay for PCI compliance or not. On my website, orders, the part where the credit information starts, go completely through Mal's and into the credit card provider.

    The one thing that worries me is that I use MOrders and that information comes in my notification. I destroy it; however, I wish I could turn it off. I have been told that I can stop my credit card provider from sending that information but I have not figured out how to do it.

    My credit provider is threatening with a monthly fee if I don't show compliance, either through the self-certification that I mentioned, or proof that I am paying another company significant fees to assure that compliance.

    I agree with the original poster that it is difficult to determine what type of protection I would be paying for; none of the recommended "protectors" seem to have a clear policy. I also have the fear that without specific requirements, I'm going to end up with a $x,xxx.00 per month website. They will want me to get some outrageously priced all-inclusive package.