Data Breach Indemnification
A PCI DSS survey conducted in 2010 by Trustwave shows that 90% of all data breaches occur with small merchants doing less than 20,000 transactions per year. This statistic challenges the popular belief that thieves target larger businesses because they accept more payment card transactions.
The data breach indemnification component of PAI Secure helps your business meet the expenses and fines resulting from a suspected or actual breach of credit card data.
The PAI Secure data breach indemnification program may cover you up to $75,000 or $100,000 annually depending upon certain conditions.*
- The cost of a mandatory forensic audit
- Card replacement costs and related expenses
- PCI DSS assessments and fines
- Fraud losses incurred by breached cards used at other locations
* Please consult with your PAI Secure Customer Service representative for more information on which coverage level you may be eligible for.
Common process for uncovering a data breach
Many suspected security breaches are initiated by a cardholder complaint. Here’s how the process works:
- Cardholders complain to their issuers
  Consumers report possible fraud on their card (not necessarily at your location).
- Issuers notify the card companies (Visa, MasterCard, American Express, Discover or JCB)
- Card companies investigate fraudulent card use
  Card companies determine where the card has been used for the last six months. If it was used at your location in this time period, you may then have to submit to a forensic audit. This mandatory audit is on-site and conducted only by qualified security assessors. The cost to you for this can be $10,000 or more.
- Forensic audit is performed to determine the cause of the data compromise
  The audit report determines whether there has been a breach, how it occurred and, most importantly, whether you are PCI DSS compliant.
- Fines are assessed
  Non-compliance is a major factor in determining whether fines will be imposed. Fines can be as high as $500,000. The card companies can also require you to pay for the reissuance of compromised cards ($25 to $50 a card), as well as any reimbursement for fraud activity. Certain states have enacted laws to impose fines as well.
Bottom line: You can suffer financial fines, reimbursement fees and audit costs totaling $25,000 to $500,000.
The cost of a compromise is minimal compared to the loss of your consumers’ trust.
79% of the compromised merchants fall in two industries: retail and food service.