Thread: New Visa MC Compliance & potential fines??
View Single Post
Old 03-17-2008, 02:06 PM   #1 (permalink)
cperry
 
cperry's Avatar
 
Status: Member
Join Date: Mar 2008
Location: Texas
Posts: 68
 cperry is a Junior Member



cperry is offline  
Default New Visa MC Compliance & potential fines??
Hi everyone!
We have a yahoo store and use one of their authorized processors - FDMS.
I got an email to day about a new Visa/MC compliance thing - and we must be compliant by mid -april. I called my processor and they said it was not a scam email - so I called the external compliance vendor. Basically, they set up quarterly "scans" of my office computer (and I guess the solid cactus call center since they take orders too??) to determine safety. If it falls below the safety standards of MC/Visa - (i.e. hackers might be able to get in) - we are given XYZ to fix it. If we are not compliant by Mid-April or do not fix any of these "security scans" and have a fraudulent credit card indicent - we are subject to huge fines. Apparently FDMS pays the "fee" for the service and I was charged this fee at the on my merchant statement at the end of 2007.
Anyone else heard of this?? Has the Solid Cactus Call center heard of this? The email is below......
Carol

------------------
Thank you for choosing Express Merchant Processing Solutions for your merchant payment processing needs.

As a valued merchant of Express Merchant Processing Solutions, your transaction security is very important to us. To help prevent cardholder fraud and identity theft, Visa and MasterCard have established the Payment Card Industry (PCI) Data Security Standard. For information about these security programs please visit:

* Cardholder Information Security Program | Merchants | Visa USA
* MasterCard Site Data Protection Program Redirect
* www.pcisecuritystandards.org

Why am I getting this e-mail?

The PCI requirements now apply to ALL merchants, not just to business on the Internet. We are committed to helping you get the most value from your relationship with us and to help you protect yourself against cardholder fraud and identify theft. We are working together with SecurityMetrics, an approved PCI compliance security assessor, to help you become PCI compliant.

What do I need to do?

Your Annual Compliance Fee has already paid for the SecurityMetrics Site Certification PCI services. You are requested to resolve this by April 16, 2008, so please ACT NOW to understand your specific requirements and ensure your compliance.

All you need to do is contact SecurityMetrics at 800-557-4684. They'll help you with the rest! You may also contact them online at: Simplify PCI DSS Merchant Compliance - SecurityMetrics

SecurityMetrics is a certified assessor for Visa, MasterCard, American Express and Discover Card. They provide outstanding customer support and will work to help you satisfy your compliance needs. Their "Site Certification" program provides full merchant compliance and automatic reporting to Express Merchant Processing Solutions. Even if you have already met the requirements for PCI we need to update our records with your compliance information. To resolve your compliance status, please contact SecurityMetrics at 800-557-4684.

The Card Associations are very serious about data security...if you are compromised, the Association fines can range upwards to $500,000 per Association.

Because the need for PCI certification and compliance is an urgent matter, Express Merchant Processing Solutions may take adverse action against your account. This action may include but is not limited to establishing reserves on your account which can range upwards of $10,000 or more, if you do not comply with the requirements of the PCI DSS program.

How do I know this is not a scam?

To assist in validating this email, Express Merchant Processing Solutions has included information about PCI DSS Compliance on our website, YourMerchantInfo - PCI Compliance for Level 4 Merchants.

Please be sure to visit this website to learn about PCI DSS! You can get up-to-date information on PCI, including MasterCard's schedule of PCI educational webinars. You also have the ability to ENROLL directly with the SecurityMetrics Level 4 program by clicking on the ENROLL button found under the PCI Compliance topic.

If you are still concerned that this notice might be a scam, please call us at anytime to validate this notice. You may also use your traditional contact information on your monthly, as well as refer to recent messages included in/on your statement.

Your participation in this program is very important and we appreciate your time and assistance.

Sincerely,

Express Merchant Processing Solutions


Reply With Quote