The Logic Group - UK retailers not ready for new card payment security standard

UK retailers not ready for new card payment security standard

- more than half unaware of new data security process
- three quarters yet to put any measures in place
- deadline already passed

Fleet, Hampshire, 14 th September 2005: A survey carried out by the Logic Group and The Retail Bulletin reveals that, two months after the June deadline, almost three quarters of retailers aren't ready to adopt and comply with the new Payment Card Industry (PCI) data security standards mandated by Visa and MasterCard to safeguard consumers from identity theft through the misuse of their card details.

PCI has been introduced following a number of high profile cases in the USA where literally thousands of card details were stolen. Merchants not compliant are now liable to substantial fines and risk being permanently barred from card acceptance programmes.

Not one of almost 100 merchants surveyed had achieved full accreditation despite the June 30 deadline having already passed. Indeed, 55 per cent were not even aware of the data security process and a further 73 per cent have put no measures in place to ensure compliance.

"The survey findings are truly worrying," says Mark McMurtrie, Logic Group Marketing Director. "With such significant repercussions for those merchants failing to achieve compliance, it's amazing that the PCI standard has had such a low profile up until now. Do we have to wait for another high profile UK fraud case where thousands of card numbers are stolen and personal data is compromised before the gravity of the situation is finally realised?"

The survey highlighted that a massive 57 per cent of the audience had received no support or guidance on PCI. The standards are intended to guarantee that cardholders' details remain safe when conducting payments, whether from point of sale, via the Internet or over the phone. Although the guidelines for the standard were drawn up by Visa and MasterCard, other card issuers including American Express and Diners Club have also endorsed the scheme.

"In some ways, it is hardly surprising that merchants have done so little to achieve PCI compliance," adds McMurtrie. "Adopting the standard requires a comprehensive risk assessment to identify non-compliant areas followed by remediation services to address them. Few merchants will have the necessary resource or expertise to achieve compliance and maintain it without expert help. Our aim is to help merchants minimise the costs and time involved in meeting this mandatory regulation."

As the European market leader for integrated card processing systems, the Logic Group has unrivalled expertise in card payments and security. The company offers a range of PCI services to ensure compliance is achieved and maintained whilst enhancing overall data security. PCI assistance from the Logic Group can be provided to in-house staff or through project management on a fully outsourced basis.

To view a detailed breakdown of the results, click here...

Note to Editors

Sample size: 92 completed responses from merchants. Further replies from banks, consultancies, hardware and software suppliers were discarded. Survey ran throughout August 2005.

About the Logic Group
The Logic Group manages information and transactions securely for large and medium sized businesses across its European home market. The company delivers unrivalled business value to its customers through the secure provision of card transaction processing and communications infrastructure services, together with delivering comprehensive management information and customer insight.

The group has won a number of major awards including the 2005 Queen’s Award for Enterprise for the central role it played in the UK roll-out of EMV Chip & PIN.