Podcast: The Small Merchant's Response To A Breach Is To Pretend It Didn't Happen

Of the seven stages of grief, the most remembered is denial. It's certainly remembered by small merchants, who often bizarrely gravitate to denial when they are told that they have been breached. At least that's how Chris Geron, chairman of the MAC Government Relations Committee, sees it.

The justifications for this denial are many, Geron said in this week's PaymentFacilitator.com podcast. Some cling to the absurd belief that being granted a letter of PCI compliance means "that it's not possible to be breached," Geron said. Other small merchants react negatively to a notification from a cardbrand, bank or processor. "Small retailers often believe that if the information has not been shared with them by law enforcement, that the allegation of a breach is not true," Geron said. And some smaller store chains believe that only large chains get breached, he said, despite the fact that the opposite is true. But the most likely reality-denying aspect is financial.