by 0wned 5977 days ago
If the processors are responsible, then they were doing it right before the acronym PCI ever existed. To become compliant costs money (audits, quarterly scans, self-assessments, etc.), but it's not that expensive and it's what they are in business to do. If the processor is not compliant, no one will do business with them ("Hey, look, we store your clients' CC numbers in an unencrypted DB... come do business with us!"). The cost you pay as a merchant is based on risk and volume. Online (non-person-to-person) transactions are the most risky, so percentage-wise they'll always cost more... PCI or no PCI.