Retailers, vending machines, food trucks, parking garages, and taxi’s have one thing in common, they all accept credit cards. Credit cards are a great convenience for consumers, but can be a headache for small businesses. Type in “credit card processing” and you will get a number of results for companies that offer to process your credit card transactions for you. Seems simple, but like most business arrangements the devil is in the details. What the processor may not be telling you is that they are contractually requiring you to be PCI compliant.

The PCI Security Standards Council is an open global forum, launched in 2006, that is responsible for the development, management, education, and awareness of the PCI Security Standards. Its founding members are American Express, Discover Financial Services, JCB International, MasterCard Worldwide, and Visa Inc., and they have agreed to incorporate the PCI DSS as the technical requirements of each of their data security compliance programs.

It is the credit card companies attempt to self-regulate and, if you are accepting their cards, you need to be aware of their data security standards. So read the Terms and Conditions closely from your credit card processeor to determine if you are required to comply. If you have to comply with PCI, talk to someone with experience in this area to make sure you have the appropriate technology in place.