How do PCI DSS penalties work?

A penalty structure has been introduced by Card Schemes for all merchants who either fail to comply with PCI DSS, or whose systems are compromised causing customer card details to be used fraudulently.

Should your card holder data be compromised, we will work with you and Card Schemes to identify details of the attack and provide guidance to help you restore security in line with PCI DSS requirements.

In such a case, Card Schemes can apply penalties to compensate the Card Issuer.

We must stress that complying with PCI DSS is your defence against potential fines, better protection for customers’ personal data and increased customer confidence through improved data security.

Data Compromises

If any unauthorised person obtains access to any Card holder Data, or if any Card holder Data is lost you must report this to us.

If you suffer a data compromise you will be required to pay the cost of forensic assessment engaged and copies of all reports should be sent to:–

The PCI DSS Compliance Manager
Dept RT
Barclaycard Business
1234 Pavilion Drive
Northampton
NN4 7SG