Lack Of Pci Dss Compliance Amongst Uk Firms

By Author: Jay SEO
Total Articles: 18
Comment this article

The Payment Card Industry Data Security Standard (PCI DSS) is a security standard deigned to help combat the increasing risks and costs associated with online fraud. By being PCI DSS compliant a website is armed with a secure environment that allows them to store sensitive card holder data so that they cannot be used fraudulently. PCI DSS compliance is mandatory and auditable and applies to all commercial operations that store, process or transmit cardholder data.

However a recent survey conducted by Redshift Research showed that a vast number of companies within the UK are still not PCI DSS compliant. The survey that polled 100 retail, financial services and hospitality businesses uncovered a worrying statistic for UK firms. Out of those companies surveyed only 11% have been certified as PCI DSS compliant. The biggest pit fall for PCI DSS compliancy appears to be the fact that 39% of those surveyed believed that credit card security should be the problem of the credit card companies.

In fact has become apparent that 35% of the company's survey did not actually understand the requirements they needed to be PCI ...
... compliance. This result broken down into the relevant industry sectors meant that 57% of retailers said they still do not understand PCI requirements, compared to 27% of finance companies and 27% of leisure firms.

There is also a major reluctance to get on board with PCI DSS compliance for UK companies using online payment systems. In fact 14% of those UK companies surveyed said they where not PCI compliant and where not planning to become so either. 27% even admitted they where aware of the need to PCI compliance but planned to put it off as long as they can get away with it. Out of those that had made some steps towards it by completing a PCI DSS pre-audit 14% of companies said they now plan to undertaken no further action. Where as 32% of companies who have had the PCI DSS pre-audit are currently correcting the issues that were identified by the audit.

The results from the survey conclude that there is still a massive lack of knowledge regarding PCI DSS compliance which is leading to confusion against UK companies. The survey also shows that only a small minority of UK companies are currently audited and certified as PCI DSS compliant. This means that smaller UK businesses are seriously lagging behind the larger firm when it comes to PCI compliancy.

online payment systems | PCI DSS compliance | recurring billing