IMGCAP(1)]
The response among small, Level 4 merchants to the industry's data-security campaign is limited because of their low awareness of potential threats, according to James Taylor, vice president of alliances at Trustwave. Level 4 merchants process less than 1 million Visa transactions annually. Smaller merchants "do not understand what cardholder data" they store and process, and "they don't know the risk of compromise," Taylor said last month at the Midwest Acquirers Association conference in Lombard, Ill. More than 90% of data compromises occur at Level 4 merchants, he said. After a data breach, a small merchant "very often" will not survive because of the associated costs, such as legal fees and lawsuits, said Taylor. To increase smaller merchants' awareness of security risks and to increase their compliance with the Payment Card Industry Data Security Standard, independent sales organizations and acquirers should offer programs that directly address data-security issues, he said. Trustwave is a Chicago-based data-security company.
