
June 07, 2010

Ashimmy’s Law of PCI and Weasels

So I have been dealing with merchants, PCI and payment processors for about the last 6 months.  During this time I have had the chance to speak to literally hundreds if not thousands of merchants.

My observations have led me to a keener understanding of what is actually going on in the merchant world regarding PCI.  I call it Ashimmy’s Law of PCI and Weasels.  It states:

How high-risk and ethically questionable a merchant's business is, and how great its risk of fraud and loss is, is inversely proportional to the amount of money and resources they will designate for PCI compliance.

Think about it.  The very merchants who are the real targets of PCI compliance, the ones with the most to lose, are the same merchants who are always looking for an “angle” to skirt the compliance regulations and refuse to put any resources into becoming compliant.

Yet the poor Level 4 brick-and-mortar merchant who isn’t storing credit cards or anything is the one who wants to know what he can do to lower his risk of fraud.

Meanwhile the guy selling penis enlargement creams, anti-wrinkle lotion and magazine subscriptions is only looking to see how they can get out of putting any dollars towards protecting the customers’ credit card info.

But of course it is these same merchants who are the ones keeping the credit card info on file.  I had one last week explaining to me the logic of why he has to keep his card data environment in front of the firewall, so that his people could access it, rather than putting it behind the firewall. 

Setting up a VPN and putting the data behind the firewall was just too much work for him.  Another weasel who doesn’t care about his customers’ card data, while he is raking in half a million dollars a month selling “supplements”.

There should be a “weasel class” merchant whose liability will be enough to make them take PCI seriously.


This work is licensed under a Creative Commons Attribution-Share Alike 2.5 License.

