Credit card data theft has become an increasing problem for many merchants, and in order to avoid the financial and legal penalties often associated with PCI DSS non-compliance statutes, many merchants have taken a bit step toward tightening card data security procedures.
In a recent survey by Visas CyberSource Unit and Trustwave, almost 70% of those who do business online suggested that they have changed the way they process information to avoid penalties. They took things one step further, however, and said that the concern over the theft of data wasnt just one of worries over outside hackers, but one of concern over their employees too. As a result, many merchants are outsourcing the processing and data storage to third-party vendors who are already PCI compliant.
This seems to be a smart move from a financial standpoint too. According to the survey, those who do move their data processing to an outsourced facility spend less than $500,000 on the infrastructure necessary to keep card information safe. Of those who keep data within their companies, just 60% can claim the same low numbers. The same survey suggested it takes just 20 weeks on average to become compliant if e-commerce merchants outsource the task, but much longer for those who keep the data in house.