ControlScan and Merchant Warehouse Report See’s Small to Mid-Sized Businesses Making Progress


I like this.


ControlScan and Merchant Warehouse have released the results of their annual survey of Level 4 (commonly known as “small business”) merchant awareness, sentiment, and progress regarding the security around cardholder data in agreement with payment card industry (PCI) standards. This upturn in security interest may be because of the Target data breach in December 2013, where nearly 40 million customers had their information hacked from Target terminals.

According to Visa’s webpage, Level 4 merchants process less than 20,000 Visa e-commerce transactions annually and all other merchants processing up to 1 million Visa transactions annually. The Level 4 merchant group represents 98% of all U.S. retailers, is primarily comprised of small to mid-sized businesses (SMBs), and numbers in the millions. The newly released research report “Payment Security and the SMB: The Fifth Annual Survey of Level 4 Merchant PCI Compliance Trends” reveals that as a group these merchants are making progress, though concerns remain about their security readiness.

615 Level 4 merchants responded to the 2013 survey, providing acumen for independent sales organizations (ISOs), acquirers and other merchant service providers (MSPs). Among the numbers are 43% of merchants who are personally responsible for information security in their organization, though 35% say no one is assigned the responsibility.  51% do not require their third-party service providers to achieve and maintain PCI compliance; and only 36% have developed an incident response plan (IRP) for their business.

This news seems lackluster, as most people believe that those in the business world are prone to fixing problems after they occur, instead of being prepared to ward off problems. However, this is likely to change in the coming years because of the massive media focus on terminal security, thanks in part of the Target terminal hackings. This this massive incident is not isolated; terminals even with great security are at risk at any time of being hacked into.

Numbers next years should be better. Security is getting better every day, and it has been in the media a lot as of late, thanks to the data breach at Target. While not ever issue can be prevented, many can be, and the effects of larger problems can be lessened. This is not only good for consumers, but for merchants and e-merchants, as their reputation depends on customer feedback and reviews. Regardless of the business you own, it is wise to develop an incident response plan in case a data breach happens to you. The better prepared you are, the more likely you can your customers will come out less harmed than if you are not prepared at all.

Hi, I’m Blair Thomas the Co-founder of, the top electronic cigarette merchant account company in the US voted by  I have 10+ years of experience in the electronic payments industry, managing several successful agent offices and registered ISO’s. I work hard during the day and spend my nights and weekends developing my music.

Tags: , , , , , ,

Post a Comment

Your email is never published nor shared. Required fields are marked *


Subscribe without commenting