PCI Compliance Fees and Your Business

April 24, 2024

We take our role in providing guidance and education regarding the card payment industry very seriously. At our own expense, we have vigorously defended our right to continue expose unethical and predatory practices in the industry, successfully defeating every attempt to silence us. However, fending off frivolous lawsuits is costly. To sustain these efforts, one of the ways we generate revenue is through affiliate partnerships with ethical providers. This means that some of our outgoing links connect business owners to trustworthy, low-cost payment processors, which is what most of our readers seek. We see this revenue channel as a win-win-win for everyone involved. Business owners find good processors, processors get good clients, and we are able to continue to provide a valuable service to the small business community. We also recommend and link to many services that do not compensate us. Our priority is to guide you to the best solutions for your needs, regardless of potential revenue. If you have questions, please feel free to contact us.

All mentions of rate and fee costs are estimations based on publicly available information and client feedback. Actual costs may vary based on a variety of factors unique to your business.

Here's an illustration depicting a business owner looking at a computer screen with charts and graphs about PCI Compliance Fees

Merchant Account PCI Compliance Fee Explained

PCI Compliance Fees are charges that businesses must pay to ensure they meet the Payment Card Industry Data Security Standard (PCI DSS). This standard was created to increase security around credit card transactions and reduce fraud. When a business accepts credit card payments, it needs to handle and store the cardholder’s data securely to protect it from theft or misuse. The PCI Compliance Fee is typically charged by the payment processor or bank that handles the credit card transactions for the business. This fee helps cover the costs associated with maintaining a secure payment environment. It may be billed monthly or annually, and the amount can vary depending on the service provider and the level of security required by the business’s transaction volume.

Understanding PCI Compliance Levels

PCI DSS categorizes businesses into four levels based on the volume of credit card transactions they process annually. Level 1 applies to merchants processing over 6 million transactions per year and requires a formal assessment and regular security audits by a qualified auditor. Levels 2 and 3 are for merchants handling 1 to 6 million and 20,000 to 1 million transactions respectively, demanding a self-assessment questionnaire and a vulnerability scan by an approved vendor. Level 4, targeting merchants with fewer than 20,000 e-commerce transactions or up to 1 million total transactions annually, also requires a self-assessment and may need additional scanning depending on the acquiring bank’s stipulations. These levels ensure that appropriate security measures scale with the size and risk exposure of the business.

About Us

CardPaymentOptions.com

Established 2009

My name is Phillip Parker, and I started this website back in 2009 as a simple blog to call out shady credit card processors that were taking advantage of small business owners. At the time, I had no idea this side project would grow into a leading voice pushing for transparency and integrity in the payment processing industry. I also didn't anticipate just how far some of these companies' owners would go to try to silence me.

I was recruited out of college for a sales role with a credit card processor. At the time, I didn't realize the “training” was really about tricking me... into selling business owners expensive processing with hidden fees and long-term service agreements. In my first few sales, I unknowingly cost friends and family thousands of dollars after they trusted me to switch their services. When it finally clicked that something was seriously wrong, I was furious. I quit immediately and made a promise to expose that company and any others operating the same way. That promise is what led to the creation of this website.

As I wrote about these processors, their tactics, and the people behind them, the articles started to spread among business owners. News organizations picked up the stories, readers shared them online, and traffic to the blog took off. Unsurprisingly, that also caught the attention of the companies and individuals I was exposing.

Over the last 17 years, I've received several anonymous death threats and defeated four lawsuits meant to intimidate me into taking my blog down. Their efforts to muzzle me only made my determination to expose them even stronger, leading me to work with state authorities to help shutdown some of the worst offenders.

I'm proud to say that of the millions of people who have read my work, thousands have taken the time to write and thank me for helping them narrowly avoid a very costly mistake. This blog has played a small role in pushing the industry toward more ethical practices - but there are still bad actors out there, which means the work isn't done.

If I can offer one piece of advice, it's this: get every promise in writing, and take the time to review contracts carefully. Tools like ChatGPT can help surface red flags and uncover expensive surprises buried in the fine print.

If you've made it this far, thank you for reading. I truly appreciate you being here, and I wish you every success with your business.

Our Research Methodology

Pricing & Fees

We analyze all costs including rate structures (interchange-plus, tiered, flat-rate, etc), monthly fees, equipment costs, early termination fees, and hidden charges. This data is gathered from service agreements, statements and client feedback.

Features & Technology

Evaluation of POS systems, e-commerce integrations, mobile capabilities, reporting tools, recurring billing..., and developer resources. When possible, we directly test services and hardware. Otherwise, we rely on client feedback and public information.

Customer Support

We evaluate availability across phone, email, chat, and social channels. Measuring hold times, night and weekend availability, and client feedback regarding effectiveness, professionalism, and resolution rates.

Contract Terms & Conditions

We review service agreements and equipment contracts for reasonability, transparency, and fairness. We focus on uncovering any predatory clauses, such as unjustified early termination fees, hidden costs, and unclear cancellation policies.

User Experience

We comb the internet and interview current and former clients to evaluate the overall user experience and identify any common pain points that may impact the user experience.

Sales & Marketing Practices

We evaluate sales tactics, marketing materials, and client feedback to determine the level of transparency and ethical nature of the provider's approach. Does the provider publicly disclose pricing? Do they use teaser rates? We score based on these and other factors.

Processor Leaderboard

Merchant Education

More Merchant Education

Popular Reviews

See All Reviews