Payment processing in Canada: Regulatory changes
The payment processing industry is facing many exciting changes in 2010. These changes are:
- Regulatory driven, by PCI DSS, and chip and PIN technology
- Consumer driven, by mobile technology and the entry of Visa Debit.
These changes present new challenges and opportunities for all card-accepting merchants and include:
- Regulatory driven changes
- Consumer driven changes
- PCI compliance
- Chip and PIN technology
- Mobile technology
- Visa debit
Over the next few articles, we’ll take a more detailed look at these industry changes. Today, we’ll talk about regulatory driven changes in the payment processing industry.
Regulatory driven changes
Payment Card Industry Data Security Standard (PCI DSS)
The biggest regulatory change to impact your business in 2010 is the introduction of the Payment Card Industry Data Security Standard (PCI DSS).
What is PCI DSS?
The PCI DSS is a set of 12 requirements that covers everything from developing a secure network to maintaining an information security policy.
How does PCI DSS affect your business?
First, you may have to change your current systems in order to meet PCI DSS standards. If your current payment processing system is up-to-date, you may only need a slight upgrade. If your system is old, it may be worth getting a new system. Contact your payment processor to determine which option is best for your business.
Second, you must document your security compliance. There are two categories of PCI DSS merchants. The amount of documentation required depends on which category you are in.
- Lower level merchants have up to six million transactions per year. PCI DSS requires a complete self-assessment questionnaire and quarterly security scannings.
- Level one merchants have more than six million transactions per year. In addition to the lower level requirements, level one merchants must comply with an annual audit conducted by a qualified security assessor.
Chip and PIN technology
The payment industry is moving to the more sophisticated and secure chip and PIN technology.
What is chip and PIN technology?
Chip and PIN is a method of payment that verifies the cardholder’s identity. Instead of signing a paper receipt to verify a cardholder’s identity, the customer enters a PIN.
How does chip and PIN technology affect your business?
If you are not chip and PIN compliant, your business is responsible for any credit card fraud committed against you. As of October 2010, VISA Canada and MasterCard Canada mandates that all costs of fraud default to the party who is not chip and PIN compliant.
If you are not already chip and PIN compliant, speak with your payment processor to discuss your options.
We’ll be posting more articles about changes affecting the payment processing industry. The next article will discuss the top two consumer driven changes likely to affect your business this year: mobile technology and the introduction of Visa Debit.
This entry was posted on Tuesday, March 2nd, 2010 at 8:17 am and is filed under Industry advice and tagged with chip and PIN, payment processing, PCI DSS, regulatory. So far, there’s been no comments.
Related stories
Payment processing products
Move money with our electronic funds transfer service and credit card processing products.
Learn more about our payment processing products
Profit Magazine ranks VersaPay No. 1
Benefits
Get set up with a secure and reliable solution at an agressive rate and with unparalleled customer service.
See how your business will benefit
Comments about this story