The VISA mandate that all POS applications must be PCI compliant by July of 2010 have left retailers, pin pad manufactures and service 
providers alike ALL scrambling to meet this deadline. But what happens after July 1?
While Visa may not level fines prior to 2012, acquirers will still be liable for any breaches with non-compliant devices after July 1, 2010 — they in turn may fine ISOs who are supporting non-compliant merchants, and those ISOs may levy some or all of that cost on the merchant.
At tekservePOS, we are one of those service providers experiencing record project work right now due to the looming deadline and we are beginning to see a few trends. First, retailers are starting to concede the date. While many have pushed to be compliant by this July, some are just not able to accomplish that goal.
Second, product availability is tightening with the OEM’s (Ingenico, Verifone, Hypercom, etc.) experiencing what I’m sure are record ordering levels and retailers are unable to get the product they need in time.
Lastly, project work is “piling” up either behind this or, is being attempted to be “merged” with field work associated with this and everyone is struggling to keep up.
Our best advise is to check with your OEM and/or PCI Advisor to determine what it all means to you. And for those of us hoping to put this deadline behind us and focus on other projects the second half of the year, it looks like many of us will be scrambling a little longer than anticipated.
