16/03/2010 -
A common complaint among small, Level 4 merchants is that the PCI compliance mandates are too intense and burdensome for them, and are better suited to larger merchants. However, small merchants should not expect the PCI DSS burden to be lifted anytime soon, according to PCI Security Standards Council general manager Bob Russo and council CTO Troy Leach.
In an interview with payment processing security expert Anton Chuvakin at the recent RSA conference, Russo and Leach said that tiered security requirements are not in the cards, Chuvakin reported on his blog.
"You cannot dumb security down below a certain level," they told Chuvakin. "More education efforts will be needed to explain to merchants how to satisfy requirements and become compliant."
However, the PCI SSC will try to help out in this respect - Russo and Leach said that the council "is planning to build more tools in order to help merchants understand what exactly they need to do to become compliant," such as a wizard interface to simplify the SAQ process.
PCI compliance has historically been particularly difficult for small merchants to achieve - a survey of U.S. Level 4 merchants by the National Retail Federation, ControlScan and the PCI Knowledge Base, for example, found that 29 percent of respondents admitted to not being compliant.




