The Logic Group - PCI Survey reveals that only one in ten Merchants is currently compliant

PCI Survey reveals that only one in ten Merchants is currently compliant
100% of respondents are now aware of PCI DSS

Fleet, 21st September 2007 - A survey conducted by secure transaction specialist, The Logic Group, revealed that only 11% of respondents are fully PCI DSS compliant. The survey included responses from leading UK retailers, financial services institutions and other businesses that accept card payments.

Although only a small number of merchants are compliant, it is clear that significant progress has been made over the past twelve months. Awareness levels have hit 100% up from 85% last year and 45% two years ago. 81% of merchants have now assessed the impact PCI DSS will have on their business, a 56% increase from last year.

Despite these awareness levels the survey shows that there has been only an 9% increase in PCI compliance in the last 12 months. A further 6% of respondents have either not started the process of becoming PCI compliant or are not even planning to. This slow progress may partly be due to the perceived lack of information and support given to those businesses seeking to become compliant. Primarily 53% of those surveyed have received little or no support or information from acquiring banks or international card schemes.

“The merchant community has come a long way over the past twelve months,” said Mark McMurtrie, Marketing Director at The Logic Group. “However a lot more needs to be done as only a small number of businesses are compliant today, so security breaches and criminal attacks remain a very real possibility. What is particularly encouraging is that all the merchants are now aware of what needs to be done. The critical next step for most businesses is to get board approval for the necessary remediation work to be sanctioned. It is clear from the results that there is a need for further improved communication and support from the industry to accelerate take up and compliance.”

The survey also underlines the size and scale of the project to become PCI compliant. It is estimated that the first 6 months is primarily focused on assessment and project planning with the following 12 months focused on remediation and compliance. The results reflect this assessment as 69% of those surveyed still have 6 months or more to become PCI compliant. A significant minority, 9%, have no plans to implement the standard in the near future.

Top line survey findings include:

100% of respondents are aware of the standard, a significant improvement given only 45% knew about PCI two years ago.
81% of surveyed companies have already assessed the impact PCI compliance will have on their businesses, up from only 52% last year.
73% of companies surveyed have committed to achieving PCI compliance over the next 18 months.
Of these 73%, 42% are at the remediation phase, up from just 18% last year.
6% of respondents haven’t even started the journey to achieving compliance
53% of merchants rated the support they have received as being insufficient.

About The Logic Group
The Logic Group manages information and transactions securely for large and medium sized businesses across its European home market including all of the UK’s top 10 retailers. The company delivers unrivalled business value to its customers through the secure provision of card processing and IT services consultancy, together with delivering loyalty and insight programmes.

The group has won a number of major awards including the 2005 Queen’s Award for Enterprise for the central role it played in the UK roll-out of EMV Chip & PIN. For more information, see www.the-logic-group.com