Exciting new partnership with Checkfront just announced. Learn more!
June 23, 2020
Drake Baar
Understand credit card and PCI compliance that affects all businesses that process credit card transactions, including campgrounds.
If you’re a campground owner that accepts credit cards as a form of payment, you’ve probably heard about the term PCI compliance. You may have even noticed extra monthly fees on your merchant account statements for not being PCI compliant. So, what exactly is PCI compliance, and why should it matter to you?
To be “PCI compliant” means that you are meeting the minimum security standards for accepting card payments set by the Payment Card Industry Security Standards Council (PCI SSC), which was founded in 2006 by the five largest credit card companies: Visa, MasterCard, Discover, American Express, and JCB. Because there are many risks involved in handling customers’ sensitive credit card information, the standards set by the PCI SSC are intended to help business owners like you reduce this risk and improve the security of customer information.
We see national headlines every year about companies that fall victim to massive cybersecurity breaches, which expose the sensitive information of tens of millions of customers: Adobe and Target in 2013, Equifax in 2017, Capital One in 2019, and the list goes on. Personal data can be stolen from cards readers, paper records, wireless networks, and other areas where transactional data is exchanged. Moreover, a data breach of customer payment information can be severely damaging to a business in a multitude of ways: hefty fines, costly audits and card replacement costs, and a bad reputation among customers.
In 2019, the hospitality industry had the fewest number of organizations achieve PCI compliance.
The requirements to achieve PCI compliance and avoid the crippling effects of a data breach vary depending on the amount of payments a merchant processes annually. There are four different merchant levels, ranging from Level 4 merchants that process less than $20,000 in transactions per year to Level 1 merchants that process over $6 million in transactions per year.
Regardless of which level you meet, the PCI SSC outlines six goals and twelve main requirements for reaching and sustaining PCI compliance as a merchant:
We know there are a lot of requirements to become PCI compliant, and you may be wondering where you should begin this process. The PCI SSC outlines a three-step process on their website:
Acquiring banks and payment card brands are the bodies who actually enforce compliance with PCI standards — not the PCI SSC itself. This makes it very important for a merchant to check with each of the different payment card brands they accept and use to ensure that the brand’s requirements are being met, since each brand will slightly differ from the next.
Once a status of PCI compliance is achieved, it must also be maintained going forward. Ongoing requirements for merchants can include submitting an Attestation of Compliance (AOC) every year, completing a Self-Assessment Questionnaire (SAQ) or Report on Compliance (ROC) every year, and having an SSC Approved Scanning Vendor (ASV) conduct vulnerability scans every quarter.
Fortunately, Campspot’s integrated credit card processors assist with reducing the burden for our partner campgrounds to become PCI compliant.
For more information about our integrated processors, contact our team at sales@campspot.com or 616-226-5500.
Additional Sources: PCI Compliance: Everything You Need To Know • PCI Security Standards
By entering your email you agree to our terms and conditions and privacy policy
December 13, 2024Author: Haley Dalian
Nostalgia is the next big travel wave. Read up on how to apply the latest insights to your campground's marketing strategy in 2025.
December 4, 2024Author: Team Campspot
If your off season falls during the winter, use these tips to keep your campground top of mind with campers.