There is a myth out there that we are a small company and PCI DSS does not apply to us. It does not matter how small or big your business is you must comply to PCI DSS if you process, store and transmit credit card data.

Don’t store the credit card data, if you don’t have real a business need for it. If you do have to store the credit card data, know your risks and liabilities which happen to be many. Basically small business owner cannot afford to pay for the liabilities and fines if they have a security breach in state on non-compliance (PCI DSS).

Take a few minutes to watch this and see what an ultimate risk of non-compliance can do to a business, my advice, find a professional who can help you to make sure you are PCI DSS compliant so if a breach DOES occur, you are protected with a safe harbor against the fines and non compliant liabilities.

Watch how downstream liability affect a small merchant