Re: Great
Oh, PCI has teeth. Trouble is that a good chunk of their customer base are gazelles: prone to running, and teeth are no good without something to bite down on. For many of these small businesses, they have to weigh the costs of using the equipment vs. the additional customers who appreciate being able to use plastic. If the numbers don't add up, they don't fall under PCI's umbrella.
It's a lot like odious office password policy that makes passwords so hard to remember that everyone resorts to Post-It notes. You try and make things too tough and your clients defy you, leaving your overall picture weaker.
It's actually something of a hard problem in security vs. economics. What happens when the least acceptable standard is so odious to implement few are willing to put up with it?
Biting the hand that feeds IT
