Procrastinators Beware

Procrastinating can cost you! Here’s why PCI Compliance, EMV and VCR demand your prompt attention

Procrastination. It’s been an issue for humanity, well… forever. It’s been labeled as everything from “an excuse for failure" by Time magazine, to a “sign of genius,” by Money magazine. If you’re a procrastinator, when it comes to PCI, EMV® and VCR compliance, it may be time to figure out how to focus your attention before it costs your business big.  

Skip to main content
Main Content

Procrastinators Beware

Jun 18, 2018

Procrastinators Beware

Procrastinating can cost you! Here’s why PCI Compliance, EMV and VCR demand your prompt attention

Procrastination. It’s been an issue for humanity, well… forever. It’s been labeled as everything from “an excuse for failure" by Time magazine, to a “sign of genius,” by Money magazine. If you’re a procrastinator, when it comes to PCI, EMV® and VCR compliance, it may be time to figure out how to focus your attention before it costs your business big.

Andrew Santella, author of the recently-released book “Soon: An Overdue History of Procrastination” (Dey Street Books), notes that even the most successful individuals often have a problem with getting tasks completed. Leonard da Vinci, for instance, “had trouble staying focused on projects and finishing them” and “acquired a reputation among his peers as a man who couldn’t get things done.”

If you’re a merchant and becoming compliant has fallen to the end of your to-do list, it’s time to stop ignoring the requirements and recommendations established by the payment card industry, namely those related to PCI compliance, EMV and Visa® Claims Resolution, and start developing an action plan.

What is PCI compliance?

In a nutshell PCI compliance requires all merchants—that is, those with a Merchant ID—to adhere to the Payment Card Industry Data Security Standards (PCI-DSS), which are administered by the Payment Card Industry Security Standards Council and detailed on the organization’s web site.

In the TSYS Guide to PCI Compliance, it’s helpful to “think of PCI compliance ... as a series of common sense ‘best practices’ that you need to incorporate to keep cardholder data secure.” These best practices have core requirements specific to network security, data protection, vulnerability management, access control, monitoring & testing and information security.

Your payment processing provider should be able to relate the specific PCI requirements for your business, and may even have tools that help reduce burdens related to remaining compliant on an ongoing basis. Help is also available via the Council’s PCI Payment Protection Resources for Small Merchants page.

Compliance saves you money

If you’re a merchant and you’re not sure whether you are PCI compliant, get in touch with your vendors. Not only does being PCI compliant dramatically reduce your risk of being a victim of electronic data fraud, it protects you from the heftiest fines and sanctions that can be assessed by the individual payment card brands, which can range from $5,000 to $500,000. Moreover, you can lose the ability to take credit cards, among other potentially devastating consequences (loss of reputation, civil lawsuits, etc.)

EMV helps protect against in person/card present fraud

Meanwhile, PCI compliance isn’t the only standard you need to worry about. By this time you should have already transitioned to EMV-enabled point-of-sale devices that allow customers to “dip” their EMV “chip cards.”

Credit card fraud at the point of sale has been reduced dramatically in the past year or two, because unlike magnetic strip cards (which use static data that is easily stolen), EMV cards are embedded with a micro-processing chip that generates a unique number (called a cryptogram) for each sales transaction. It’s almost impossible now for a user to complete a transaction using a lost or stolen credit card via the slot where one inputs a chip-enabled card. This is great news if you’re a customer-facing merchant… unless you haven’t yet upgraded to EMV-ready technology.

Risks of not being EMV-ready

The main risk of being unable to accept EMV chip-enabled credit cards is that almost all types of businesses (pumps at gas stations are an exception) can now be held financially liable if a fraudulent transaction occurs. By not being EMV-ready, you are foregoing the fraud protection that chip technology provides. If you’re still not EMV compliant, look at it as an opportunity to upgrade your point-of-sale solution and take advantage of the latest technology, including the ability to take contactless payments. The TSYS Guide to EMV for Merchants provides additional information that can help you assess your individual situation.

Visa Claims Resolution

Last, but not least, a recent development that you want to be cognizant of is Visa Claims Resolution (VCR), which went into effect on April 14, and is designed to resolve disputes and chargebacks more quickly. All merchants who process Visa cards are required to adhere to the new requirements.

Some of the most important procedural and technical changes are discussed in the Payments Journal and on the TSYS Visa Claims Resolution FAQ page. One key change you should be aware of is the reduced time limit to respond to customer disputes (from 45 to 30 days). Also, merchants now have a single opportunity to deny a consumer’s allegations before Visa renders its decision.

While the changes make the process potentially a little more time-consuming, evidence exists that the VCR program is already having its intended effect by reducing the number of disputes and speeding up the processing of disputes.

So what are you waiting for? In the long run, taking the time to be compliant can save you and your fellow merchants time and money in the long run.

EMV is a registered trademark or trademark of EMVCo LLC in the United States and other countries. All trademarks contained herein are the sole and exclusive property of their respective owners. Any such use of those marks without the express written permission of their owner is prohibited.

Contact Us
About Our
Merchant Services

Get your Free Quote, Now!

After you have submitted your information, a TSYS representative will contact you.

All fields are required to submit form. Your information is private and secure. We do not accept adult businesses

Customer Support Form