CHAPTER 4: CONSEQUENCES OF A BREACH

The consequences of a data security breach are likely to be proportionate to the seriousness of the breach and the extent to which the merchant is able to demonstrate prior compliance with PCI DSS. For level one merchants, the combinations of fines, litigation and brand damage are significant; for non-level one merchants, the consequences of a breach are potentially as serious and include:

  • A significant cost for a forensic investigation.
  • The merchant automatically becoming a level one merchant (i.e. yearly on-site audits).
  • A possible charge by issuer(s) to acquirer(s) for card re-issue, which may be passed on to the merchant.
  • The merchant may lose its ability to accept payment cards.
  • Transaction costs may ...

Get PCI DSS: A Pocket Guide, 3rd Edition now with the O’Reilly learning platform.
