There’s a lot of talk about Payment Card Industry Data Security Standards (PCI DSS) these days. But unlike so many issues that attract media attention, this one is not going away. In fact, the talk from leading credit card issuers is about to be translated into action — action that will ultimately require all merchants and service providers sending data electronically to adhere to steps to protect both the transactions and the data needed to complete them.

Why this push? Consumer safety is the first concern. The TJX incident caused widespread consumer concern, something neither the retailers nor the credit agencies they use want.

The other force driving PCI adoption is an ideological shift in responsibility. Up until this point, it’s been the banks and credit card issuers who have accepted the liability — and the associated costs — for any fraudulent transactions. But that’s about to change. Banks and credit card issuers want retailers to step up and start accepting their share of the fraud prevention burden.

We suggest the very first thing retailers do is find out if these mandates even apply to their business — not every business is directly affected. Give us a call and we’ll help determine your level of responsibility and what you need to do about it, if anything.