PCI Compliance Scans

Discussion in 'Payment Processing' started by pbrband, Mar 12, 2010.

  1. #1
    Have any of you been hit with these ridiculous charges supposedly forced upon the processors by Visa/Mastercard?
     
    pbrband, Mar 12, 2010
  2. #2
    It is true that most processors are passing along PCI compliance fees. A handful don't.

    Visa and MC do require that all merchants be PCI compliant. That much is true. However, Visa and MasterCard do not force processors to hit merchants with PCI compliance charges. The reality is that many processors are using PCI compliance as a revenue generator. Furthermore, paying a PCI compliance fee does nothing to demonstrate compliance.

    As I mentioned at the outset, not all processors tack on PCI compliance fees, so it pays to do your homework.
     
    symmetric, Mar 18, 2010
  3. #3
    Hi,
    PCI compliance is an industry standard now, so it's expected all processing companies will begin following this approach one day soon (require scanning, pay fines if not compliant, etc.).

    Fortunately, you can rid yourself of fees by having your web host assist you in ensuring your web server is PCI compliant.

    Many web hosts are PCI compliant out of the box. If necessary, moving to a PCI compliant host will resolve this situation, and as a bonus reduce the potential your web site may be hacked in the process ("an ounce of prevention...").

    PCI security standards are minimal security standards set forth in cooperation with the FBI, major credit card industry players, et al. Some standard is better than nothing IMHO (albeit annoying if your host says no way-- can't do it).

    Once your host has updated your server to PCI compliance standards, you can use any of the major scanning services out there (McAfee Secure, Trust Guard, etc.) to prove compliance. Many card companies have their own compliance scanning services in-house, so you may be able to take advantage of those free of charge as well.

    Hope this has helped. I'll keep an eye on this post in case you have any other questions.

    Best Wishes,
    Jim Walker
     
    hackrepair, Mar 18, 2010