MasterCard kicks it up a notch with fine schedule
Branden Williams noted last week that MasterCard has entered the world of fining merchants that do not comply with the PCI DSS standard (3.1.2.2 Noncompliance Assessments). This should signal nothing more than the wave of security gaining momentum as more and more card brands gather behind the concept of securing electronic payments.
Branden has the breakdown here, along with a comparison of Visa vs MasterCard fines. End result? MasterCard fines more than Visa according to his blog post.
Visa Compliance Acceleration Program (CAP) fines are as follows:
* Level 1 Merchant: $25K/mo ($300K/yr) plus tiered merchants bumping down one tier (total $$$ unknown)
* Level 2 Merchant: $5K/mo ($60K/yr)

My understanding (though there appears to be some question about this) is that these fines are assessed quarterly until compliant.
* Level 1 & 2: $25K, $50K, $100K, $200K ($375K/yr)
* Level 3: $10K, $20K, $40K, $80K ($150K/yr)
StorefrontBacktalk has more information here.
I don’t think this would even be on the table unless we had reached critical mass. By all accounts, greater than 50% of merchants have taken measures to secure their payment-card transactions. This means the card brands are standing on firm ground when they roll out fine structures that impact the stragglers who have resisted implementing sound security practices.
One would wonder what is going on here. Are Visa and MasterCard trying to get an extra revenue source to compensate for the lost revenue due to the economic downturn?
I don’t imagine this is the case.
Have you ever told someone to do something but never followed through with any consequences? How effective were you?
Consequences make sense to drive the proper incentive.