As a general rule, when only a few people have all the knowledge, everyone else stands to get ripped off. Unfortunately, that is exactly what is going on in the eCommerce industry today.
The bottom line for the small business owner is you need to be PCI compliant. When this process, which is driven by the credit card companies, changed from a “best practice” to a requirement, a lot of businesses saw it as an opportunity to fleece their customers who didn’t have any understanding. Raise your hand if you were one of the small businesses that were assessed a “PCI compliance” fee, or had new “PCI tools” added to your account for a small monthly fee. I can tell you straight up that it was all bullshit and simply a way to make more money based upon the lack of knowledge on the topic.
I spoke on a panel a few years back about the impact of compliance on the small business world. My opinion at that time was that the increase in costs to enter business would simply stifle small business growth. When you raise the cost to enter any market, fewer people will enter. In a time when we still have a lagging economy, it just doesn’t make sense. As infrastructure providers, I feel there is a global responsibility to keep the barriers to entry as low as possible. Don’t get me wrong, I run this business to make money, but there are a lot of ways to do so that are much more credible and have the same result. So when I heard about a new fee Volusion was “passing along” to customers, it was time to pull back the curtain and see what the wizard is really up to.
Here is the statement from Volusion:
“Due to increasing Internet security risks and growing regulatory compliance demands, Volusion is making extensive investments to maintain industry-leading PCI security standards. In order to continue delivering this highest level of security for your business, we must pass on a portion of this monthly cost to you of $25.00”
Ok, let’s break this down.
PCI DSS is a compliance standard for Volusion’s business. This requires very specific ways in which the company handles credit cards, account information, logins & passwords, etc. PCI DSS is also applicable to the hosting environment for their customers. In contrast, we certified PA DSS and work with hosting companies that have their data centers PCI compliant. Additionally, we are also going to have Pinnacle Cart become PCI DSS as a business. We will meet the exact same standards that Volusion touts. I personally know the investment it will take to become certified and it is less than $50,000.
Now let’s check that against what Volusion said. Volusion advertises 40,000 active stores, and those customers will be responsible for paying “a portion” of the monthly PCI DSS cost that Volusion pays. It is worth noting that PCI DSS compliance is an annual fee and process. $25 x 40,000 customers is $1,000,000 a month. Hmmmm, so Volusion is telling their customers that the $12,000,000 they will collect this year will partially pay for the compliance? Even though Volusion does have more customers than PinnacleCart, I’m pretty comfortable in stating their costs for PCI DSS aren’t 240x OURS! Plus that is only “a portion” of the costs? Seriously? Marketing can’t come up with a better spin on raising rates than this? Sorry, but this doesn’t pass the bullshit meter. In fact, it actually breaks the meter.
Now, as a business owner, I applaud Volusion for sticking their neck out that far to make money. That is the job we are all in business to do. I know there are spreadsheets in the CFO’s office that say: even if we lost x% of our customers, we still gain x% in revenue, and that is the bottom line. I also think that when you make money in ways that are less than truthful, Karma will find you.
So, if you’re interested in a company that gives you PCI compliance for no cost, give us a call at 1-800-506-0398, we would love to have an opportunity to earn your business. I will kick in free data migration costs as a welcome packet to a new eCommerce family.
PinnacleCart, a good karma company
President & CEO