0131 202 4107 info@swipen.co.uk

PCI – Compliance and Associated Charges

by | Feb 2, 2022

Welcome to Swipen’s second instalment of the ‘Payments Parlance’ blog series. Acronyms, techspeak, compliance, and seemingly random fees can leave us all confused and wondering, ‘what does it all mean?’. These blogs are designed to help explain the terminology, issues and charges that often surface within the payments industry.

Today we talk about PCI and its associated charges. 


What is PCI?

PCI stands for Payment Card Industry. You’ll often see the acronym PCI DSS, which is Payment Card Industry Data Security Standard. PCI DSS is a set of security standards designed to improve security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC (PCI Security Standards Council – www.pcisecuritystandards.org) an independent body that was created by the major payment card brands: Visa, MasterCard, American Express, Discover and JCB.

Note: It is the payment brands and acquirers that are responsible for enforcing compliance, not the PCI council.


Who is affected by PCI DSS?

The standards apply to ANY company, regardless of size or number of transactions. If you accept, process, store or transmit cardholder data or credit/debit card information, your business must always be compliant, and your compliance must be validated annually.


What do I need to do to comply?

The basic 12 requirements for PCI DSS are:

  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open, public networks
  5. Use and regularly update anti-virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel


Does PCI DSS still apply to me if I use a Payment Service Provider (PSP)?

Yes. Using a third party company does not exclude a business from PCI DSS compliance. However, Swipen is able to assist you with compliance and offer advice.


What if I don’t keep or store credit card data?

If you accept credit or debit cards as payment, whether in-person or remotely, then PCI compliance applies to you. It may be easier to comply if you’re not storing card data at all, but for most businesses, this is not possible.


What are the penalties for non-compliance?

PCI is not, in itself, a law; the standard was created by the major card brands. However, should you choose not to comply, and you have a data breach or are hacked, you may be subject to hefty charges, card replacement costs, costly forensic audits, brand damage, etc. Outside of serious data breaches, you will also likely be charged a monthly non-compliance fee.


What are the PCI fees on my bank statements?

You’ll often see PCI fees on your bank statements. They may appear as ‘NON PCI GF’ or ‘PCI MONTHLY FEE’ or ‘DCC ACTUAL/POTENTIAL’ or ‘PCI NON-COMPLIANCE FEE/CHARGE’ or ‘SECURED PCI’, or something similar. These are all the same fee, charging you for PCI non-compliance. This charge is usually a set amount per month, but can also be a percentage of turnover. Unfortunately, you can end up paying quite a large fee each month.

The good news is that Swipen DOES NOT charge anything for PCI advice, assistance or for non-compliance, saving you money every month.

We knew there was a better way and so we created Swipen.

 

Back to previous Payments Parlance post – CNP, what is it?
Onto next Payments Parlance post – Chargebacks

Recent Articles

Best Industry Newcomer & MD of the Year!

Best Industry Newcomer & MD of the Year!

We attended the Card & Payments Awards as a Category Finalist for the Best Payments Industry Newcomer award. We were delighted to be awarded a Highly Commended trophy as the industry newcomer to watch! We received more good news. Our illustrious leader, Fraser Mitchell, has been awarded the SME News ePayments Managing Director of the Year for 2022! “As an MD, I want to run a business I can be proud of. I don’t ever want Swipen to be successful at the expense of our customers or staff. The biggest compliment we receive from clients and partners is that we do what no one else does.”

How do I reduce chargebacks and fraud?

How do I reduce chargebacks and fraud?

Welcome to part three of Swipen’s ‘Payments Parlance’ blog series. Acronyms, techspeak, compliance, and seemingly random fees can leave us all confused and...

We’re now officially trademarked!

We’re now officially trademarked!

Over the last few months, we have been working on registering our Swipen logo with the Intellectual Property Office (IPO). We have always been very proud of...

Financial Wellness Month January 2022

Financial Wellness Month January 2022

The pandemic is not done with us yet, but in celebration of Financial Wellness Month this January, Swipen can help you adjust and improve how you take payments, keeping you and your customers safer, and improving your bottom line as we enter 2022. 

Integrated Payments - connecting your till to your terminal

Integrated payments - connecting your EPOS till to your card terminal - enables your business to process payments faster and increase your profits.

There are many benefits to an integrated solution for almost all business types, most importantly, the removal of human error, giving you accurate reporting from all tills and terminals.

At Swipen, we offer Integrated Payments free of charge and you can use our Pay at Table or Pay at Counter software, or both if it suits your business:

Pay at Table

A software design with restaurants in mind:

Split the bill at the table

Automatic table closing

Integrated gratuity & reporting

Turn tables faster

More efficient payment

Pay at Counter

Suitable for most businesses, offering:

Faster payments

Shorter queues

Better conversion

Greater profits

COVID secure

Discover which terminal type is best for your business

Portable

Restaurants

Pubs

Cafes

Countertop

Bars

Clubs

Takeaways

Retail & Shops

Take your payments to the next level

E-Commerce Payment Solutions

With the arrival of Covid-19 into all our lives, online only payments are looking to have a bright future that’s here to stay.

At Swipen, we want to bust the myth that taking payments online is complicated, and help you
adapt to this changing world.

We offer two types of E-Commerce payment solution either directly integrated with your website or a hosted payment page.

Directly Integrated

Integrated into your own website

Completely customisable

Branded to your business

Customers stay on your website

150 currencies supported

Shopping carts

No long-term contract

Alternative payment methods, including: Alipay, Apple Pay, Google Pay, WeChatPay

Hosted Payment Page

Easy to set up

Take payments in minutes

Swipen branded

Data processed by Swipen

150 currencies supported

Shopping carts

No long-term contract

Alternative payment methods, including: Alipay, Apple Pay, Google Pay, WeChatPay

Take your payments to the next level

Virtual Terminal - Taking Payments over the Phone

Many businesses find it useful to take payments over the phone, whether you’re a travel agent
needing to take deposits, a mobile tradesperson, travelling salesperson, you have a call centre, or you don’t have a website to take payments online.

Swipen’s Virtual Terminal allows you to take card payments over the phone quickly and securely.

Our solution is a web portal that can be used on a desktop, tablet or mobile device.

Virtual Terminal Key Features

More secure than a card terminal - Completing the payment over the phone with full customer details reduces the risk of chargebacks or fraud.

Pay By Link - Send a payment link to complete the purchase or pay a balance. This is also a useful feature for customers who prefer to not give their details over the phone.

Capture Customer Details - The Virtual Terminal allows you to capture all the customer details you will need for your CRM or Booking Systems reducing the need for double inputting.

Control Permissions - Restrict user access to only certain functionality so you can control what your staff can process and see.

Take Payments anywhere - The Virtual Terminal is compatible to all devices and allows you to take payments from anywhere - office, home or on the move in a safe and secure way.

Ideal for call centres, travel agents, travelling salespeople, mobile tradespeople, restaurants for pre-bookings and parties, hotels for rooms and events, or any business that doesn’t have a website that customers can pay through.

Take your payments to the next level

Web & App Solutions - Order and Pay-at-Table Platform

With COVID regulations in force across the country, restaurants and pubs are adjusting the way they work to reduce the spread of this virus.

Swipen are also adapting to these changing times, and working with our expert partners, we can now offer order and pay-at-table platforms, allowing you to benefit from cashless and cardless payment options.

Our solutions can be either Web or App based and we provide the choice between
a ‘Simple Solution’ and a ‘Bespoke Solution’, depending on the size of your business

Bespoke Solution

The best option for individual pubs and restaurants, small chains, or if location offers a different menu:

Use your own branding

At table QR code or WiFi login

Bespoke rates and fees

Links to your EPOS till *

*Depending on the EPOS company

Simple Solution

Ideal for larger chains where every location requires exactly the same functionality and offers the same menu:

Custom built to fit your business

Customers can access the way you want

Links to both your till and kitchen

No training required

Working with Pizza Hut

Swipen have helped create a bespoke value-for money solution for Pizza Hut, and we could do the same for you.

Get in contact to find out more.

Take your payments to the next level

Tip Per Tap -Contactless Tipping System

With the dawn of cashless and touchless checkouts along with app ordering systems and pay online methods, many restaurants, bars, cafés and hotels are finding that their waiting staff are no longer able to receive cash or card tips.

Swipen has the perfect solution: the new ‘Tip Per Tap’ Contactless Tipping System

Directly Integrated

A dedicated terminal is placed in a prominent location in your restaurant.

The terminal is set to ‘donation’ and the debit amount is set at a specific figure. e.g. £2

Your happy customers simply tap their card, phone or watch against the terminal to leave a £2 tip.

They can tap multiple times to leave a larger amount

Works automatically without the need for a member of staff to supervise.

End-of-day report is separate, making it quicker and easier to share the total tips received between staff members.

How about a little Tip Per Tap

Read our blog all about our new Tip Per Tap Contactless Tipping System.

Get in contact to find out more.

Take your payments to the next level