Starting next year, credit card accepting online merchants doing business in Nevada will need to be PCI compliant. What many merchants may not realize that regardless of where they are, they probably already have a contractual obligation for PCI compliance,

While usually a contractual obligation, Nevada is the first state writing the requirement into law. PCI compliance is a set of security criteria that must be implemented by a merchant in order to protect sensitive information during any credit card transaction.

Merchant911 mentioned an interesting point regarding the Nevada situation. According to the legislation:

” If a data collector doing business in this State accepts a payment card in connection with a sale of goods or services, the data collector shall comply with the current version of the Payment Card Industry (PCI)”

Merchant911 translates this as meaning regardless of your location, if you have customers in Nevada who use a credit card for purchases, then strictly speaking, you need to be compliant.

In relation to contractual obligations, PCI (Payment Card Industry) compliance used to be optional for many small merchants up until recently, but I believe it’s now obligatory for just about everyone - it’s just that few card issuing banks have enforced it.

However, if you should experience a security breach, this requirement could be brought to light and really deliver a slap to your business, so merchants should check with their merchant account providers regarding this aspect.

PCI compliance can be a bit of a pain, but it does provide you with peace of mind and reassurance to your web site visitors - and this can translate to increased sales. PCI compliancy services usually also provide a seal you can display on your site as a visual indicator of third party validation of a high degree of transaction security.

Related:

PCI compliance - what you need to know

Third party security seals boost conversions.