No one carries cash anymore, right? At least, more and more people are paying with plastic rather than relying on traditional forms of payment.
But like anything that makes it easier to communicate and interact with systems, card payments come with risk: risk to the customer and risk to your business.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that everyone who processes, stores or transmits payment card information maintains a secure environment. It sets the minimum controls needed to protect cardholder data, and it applies whether you process one card payment a year or a million.
Failure to comply with the requirements, and any resulting loss of customer data, will jeopardise your customer relationships along with your business reputation.
Risks include untrained staff, counterfeit cards, failing to check signatures (where they are still used), storing card data you do not need, and many more.
Here are the 12 high-level PCI DSS requirements that will help you make sure transactions are secure:
- Install and maintain a firewall configuration to protect cardholder data.
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Protect stored cardholder data (for example, by encrypting it, and by not keeping data you have no business need for).
- Encrypt transmission of cardholder data across open, public networks.
- Use and regularly update anti-virus software.
- Develop and maintain secure systems and applications.
- Restrict access to cardholder data on a business need-to-know basis.
- Assign a unique ID to each person with computer access.
- Restrict physical access to cardholder data.
- Track and monitor all access to network resources and cardholder data.
- Regularly test security systems and processes.
- Maintain a policy that addresses information security for all personnel.
Also, remember that insurance is a vital safety net for when things go wrong. Our award-winning staff will be able to give you the very best advice.