PCI Compliance and EMV - Clearing Up the Confusion

Dan Geraty


PCI compliance and EMV are vital for business owners to understand, but they often confuse the two standards. This is partly because both require various assessments and certifications, and some solutions help address both. PCI is a recently updated set of standards that aim to prevent card data theft and data breaches. EMV is also a security standard, but it focuses solely on preventing thieves from producing and using counterfeit cards, which it does by way of the country's 394 million chip cards.

In short, PCI compliance is mandatory for all businesses that accept card payments. EMV is not mandatory, though it is strongly encouraged. Beginning in October 2015, costs associated with fraudulent activity shifted from financial institutions to merchants if their business failed to provide EMV-compatible equipment.

Here's a link to the full article in PaymentsSource that includes four security practices I recommend to all businesses that accept card payments.