
Ninety-five per cent of Britain's high street stores fail to meet the standards of the Payment Card Industry, according to leading security industry experts.
The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council.
It was created to help prevent credit card fraud through increased controls around data and its exposure to compromise.
But UK retailers are not taking online security seriously enough, according to evidence from industry insiders on a "round table" panel of experts.
Despite pressure mounting to comply with PCI DSS requirements, online-only retailers are leaving their high street competitors behind in the race to meet the standard.
According to figures issued by Visa earlier this year, just nine per cent of the UK's Level 1 retailers (those that handle more than six million transactions a year) have actually managed to achieve PCI DSS compliance.
Graham Boler, a consultant at the UK's leading independent security risk consultancy, ECSC, said, "Most merchants are really now only coming to terms with the standard.
"While the larger retailers have embraced it pretty strongly, in the UK the next tier of high street retailers are only estimated to be about five per cent compliant."
Neil Lathwood, IT director at UKFast, added: "By not investing in the standard, retailers are shooting themselves in the feet and putting themselves at a disadvantage to their competitors. They are also leaving themselves open to huge fines."
In a move to encourage businesses to adopt the standard, Visa increased its fine for a data breach by a Level 4 merchant (processing fewer than 20,000 ecommerce transactions annually) from £2,500 to £10,000 last year. In the first half of 2009, £200,000 a month was collected in fines.
Daniel Atherton, managing director of Athernet Solutions, said: "The benefit to retailers and online merchants is that it will weed out a lot of unscrupulous websites and put pressure on those that are ignorant and do not realise what levels of security they need."
The round table discussions are held in association with UKFast with the aim of uniting business leaders to share advice and provide a wealth of ideas for other developing companies.
UKFast is one of Europe's fastest growing technical companies (as ranked by Deloitte) and has been at the heart of the UK internet industry for 10 years.
The panel was completed by Jason Zemmel of Sterling Pharmacy, Reshad Hossenally from Ticket Arena and Richard Bromley from Ken Bromley Art Supplies.