Originally published February 6, 2017. Republished July 30, 2018.
Every month, a slew of charges appear on your merchant statement, the bill you receive from your credit card processor which details the fees you were charged for credit card payments your business accepted. From authorization and transaction fees to chargeback and batch fees, you have a lot to keep track of. For example, you are likely paying a PCI compliance fee. Not sure what that is? We're here to explain it!
A Brief Summary of PCI:
Payment Card Industry Data Security Standards, otherwise known as PCI DSS, is a set of regulations developed by the PCI Security Standards Council to protect consumer card data from being compromised after a transaction takes place.
It is essential for merchants to be PCI compliant in order to signify that they are following all the requirements, which include maintaining and routinely monitoring a secure network, as well as protecting cardholder data by keeping that private information away from public networks.
Find out more about what PCI stands for.
A PCI compliance fee will most likely show up on your merchant statement whether or not your business meets these standards. This fee is for a service your credit card processing company uses to assist merchants in getting PCI compliant.
If your business is not PCI compliant, then you will probably find a monthly non-compliance fee somewhere on your statement. You will continue to be charged until you can demonstrate that your business has become compliant.
But even if your business is following the requirements, you will most likely receive a monthly or annual charge for another type of PCI compliance fee that covers the cost of charges imposed upon your merchant service provider by the PCI Security Standards Council.
Your merchant service provider is responsible for showing that each and every merchant account it supports is compliant with the regulations. In order to do that, the PCI compliance service your provider uses typically requires a quarterly or annual online survey that merchants must complete to assure the PCI Council that you are handling customer information securely. These services cost money, so the provider will charge their merchants a specific fee to cover it.
If you feel you are being charged too much for your PCI compliance, contact your current provider for an explanation, and reach out to other providers to find out what they would charge you instead.
Don’t know if your business follows these standards? Here’s what it means to be PCI compliant.