Evan Schuman's "Storefront Backtalk" is reporting that MasterCard has published it's PCI fines in a move to remove itself from the PCI shadow of Visa...

MasterCard has become the first card brand to publish its PCI fines and related requirements, a move that could be the latest signal that MasterCard wants to step out of the PCI shadow of its larger rival, Visa. The dollars themselves do not reflect a radical change, although they do include some healthy increases.

“The noncompliance assessment structure now contains escalating assessments per violation within a calendar year,” said the document sent to members earlier this summer. “Maximum assessments for initial noncompliance for Level 2 and Level 3 merchants have increased to $25,000 and $10,000, respectively. Furthermore, the $500,000 annual aggregate maximum for acquirer noncompliance assessments related to program noncompliance has been discontinued.”

As for those escalations, MasterCard has grouped Levels 1 and 2 together. The first violation for those groups is $25K, jumps to $50K for the second violation, $100K for the third violation and $200K for the fourth. Level 3 retailers face first through fourth violation fines of $10K, $20K, $40K and $80K. Service providers that are ranked either Level 1 or Level 2 will see first through fourth violation fines of $25K, $50K, $100K and $200K.

Continue Reading at Storefront Backtalk

Editors Note:  Want to find out how you can remove your company from the scope of PCI compliance?  Send me an email:  jfrank@homeatm.net