Web-Security Rules Loom for Small Firms – Is your firm ready?

A security push by Visa USA and MasterCard International Inc. is about to hit many small businesses that are unaware of — or unprepared for — the rules they’re expected to follow.

The credit-card associations, looking to keep card data out of the hands of thieves, have since 2001 promoted a strict set of security standards for all businesses that handle the cards. Until recently, though, they have focused enforcement on businesses handling vast numbers of transactions, such as retail giants.

But now they’re turning their attention to the bulk of companies engaged in e-commerce. By June 30, any company that accepts credit cards over the Internet and handles anywhere between 20,000 and six million transactions of each card annually will be required to submit documents verifying that they meet security standards.

"The card associations are rolling the bar down to smaller organizations," says Jim Cowing, managing partner of Digital Resources Group LLC, a San Mateo, Calif., security consulting firm that’s working with about 100 merchants. "It’s difficult as far as the cost and meeting the requirements in such a short time frame. Everyone is feeling that pain."

By RIVA RICHMOND
Staff Reporter of The Wall Street Journal.

From The Wall Street Journal Online

Full Story: http://www.startupjournal.com/ecommerce/ecommerce/20050503-richmond.html?sjcontent=mail