A new survey conducted by ControlScan and Merchant Warehouse reveals that many small businesses are still unaware of [payment card industry] PCI compliance regulations.
Just over half (54 percent) of the merchants surveyed say they are aware of the Payment Card Industry data-security standards (PCI) regulations, the 7-year-old set of rules required of all merchants. That number has not changed since the same survey was conducted a year ago.
“That finding, combined with the fact that 79 percent of respondents think their business has little-to-no risk of breach, indicates a serious disconnect between level four merchants and the ISOs and acquiring banks serving them,” said ControlScan’s CEO Joan Herbig.
The survey included more than 600 level four merchants representing a mix of ecommerce, retail stores and mail order/telephone order businesses. Level four merchants are those who do fewer than 20,000 Visa ecommerce transactions or up to 1 million brick-and-mortar Visa transactions per year.
While many of the small businesses surveyed were not worried about the potential for security breaches, Visa reported that 97 percent of all reported U.S. compromises in 2011 occurred at small merchants, according to DigitalTransactions.net.