Advertisement

Most Small Merchants Do Not Fear Security Breach

Only 50% of small merchants have validated their PCI compliance, according to a recent survey of 600 Level 4 merchants. In total, 79% of these retailers think there is “little to no chance a data breach will happen to them,” as noted in the report titled: A Tale of Two Merchants: The Fourth Annual Survey of Level 4 Merchant PCI Compliance Trends,” conducted by ControlScan and Merchant Warehouse. Additionally, brick-and-mortar retailers are less stringent than their e-Commerce counterparts.

As defined by Visa, Level 4 merchants are those processing less than 20,000 Visa eCommerce transactions annually; or up to 1 million transactions in the brick-and-mortar store. In total, there are approximately 5 million Level 4 merchants in the U.S.

In reality, these smaller merchants should be more concerned. In June, 2012, Visa reported that attacks against Level 4 and franchise merchants are on the rise in the U.S.; and as many as 96% of breach victims in 2012 were not PCI compliant, according to Verizon.

Advertisement

Small Businesses Offer Contradictory Security Insights

While less than half (47%) of Level 4 merchants say they are familiar with PCI DSS, those stating familiarity with compliance measures are supportive:

  • 77% say security ranks “high” or “medium” in terms of overall organizational priorities;
  • 67% believe PCI compliance would make their business more secure; and
  • 57% note that they believe PCI standards should apply to their businesses.

On the contrary…

  • Of those survey respondents who have validated PCI compliance, only 39% say they have the documentation to support their Self-Assessment Questionnaire (SAQ);
  • 43% say they took no action nor made any purchases to achieve PCI compliance; they simply “completed the paperwork;” and
  • Total overall compliance for survey respondents is 30%.


4 Recommendations For ISOs And Acquirers

ControlScan offered the following four recommendations for ISOs and merchant acquirers, to help forge a stronger partner relationship with retailers:

  1. Mine customer data to create risk-based action plans.
  2. Strengthen communications with the riskiest merchants.
  3. Equip merchant-facing representatives with the right tools.
  4. Offer technology and service solutions to facilitate a smooth transition to PCI compliance.

Click here to access the complete report.

Featured Event

Get free access to tactical tips, invaluable insights, and deep-dive conversations that will help you hone your strategies for Q4 and beyond. That way, you can be sure to be on shoppers’ nice lists this holiday season…and all year long.

Advertisement

Advertisement

Access The Media Kit

Interests:

Access Our Editorial Calendar




If you are downloading this on behalf of a client, please provide the company name and website information below: