Over the years, PCI Compliance has come to represent many things for many companies. If you are a processor, it represents securing cardholder data, encrypting transmissions over your network, and extensive security on your network, costing hundreds of thousands of dollars. Indeed, equipment manufacturers also have evolved over the last several years, securing their payment applications and ensuring their hardware is compliant with the PCI and PABP standards. One payment application can cost as much as $100,000 to develop and certify as compliant.
For merchants, compliance ranges from a fee you've been billed by a processor without understanding why, all the way to a full network scan and secure, encrypted transactions. Perspective is everything when it comes to PCI Compliance. However, compliance is something that everyone who is part of the payment landscape - merchants, processors, banks, networks, and equipment manufacturers - must observe and take part in. For some, it could be as simple as completing a Self Assessment Questionnaire (SAQ); for others, such as "big box" retailers, it might involve extensive and expensive security upgrades and annual audits.
As you can see in the chart below, compliance starts with the payment applications you use to process credit cards, continues with the merchant processor you use (like Electronic Payments), and extends to you, the merchant. Even merchants must be PCI compliant, and we've put together this comprehensive website to assist you in becoming compliant with the PCI DSS appropriate for your level of business.