
PCI Protects Us All


If you head up a business or corporation that accepts cards for providing a product or service, then you have an important role to play in cutting down on card fraud.

This is why a set of rules called the 'PCI DSS' was created four years ago: to help business leaders safeguard their companies against fraud.

For those managing directors and chief executives who haven't heard, the acronym stands for Payment Cards Industry Data Security Standard. These industry rules, mandated by the Card Schemes, dictate the steps service providers must follow to ensure cardholders' personal information and card data are not put at risk.

Importantly, business leaders must not only make sure their company is fraud-proof, they must continually prove it through a series of regular returns, submitted to their acquirer, to allow the acquirer to report to the Card Schemes.

Some may view the time spent on this by their accounts department, and the resulting cost, as an onerous burden. But the fines for non-compliance levied by Card Schemes such as Visa and MasterCard can be much greater, especially if your card data is compromised or breached.

And let's not lose sight of the real reason why companies should cut down on fraud: it makes the lives of your customers a great deal easier and benefits society as a whole. You also avoid the serious damage and loss of trust a fraud breach can inflict on your brand.

A card payment processor like HSBC Merchant Services can lessen your burden as it can advise on whether your company should team up with a Qualified Security Assessor (QSA) who can guide you through the PCI compliance process.

Basically, your company needs to follow 12 prescriptive requirements resulting in six main outcomes. For example, one includes building and maintaining a secure technological network to protect any customers' card data held on file. This network must then be monitored and tested on a regular basis to ensure a data breach hasn't occurred.

Payment and computer systems must also be monitored to make sure sensitive data, like the information on the magnetic stripe or chip on credit or debit cards, is not stored. If it is, a fraudster may be able to access this data and clone cards.

Card cloning is a huge international issue: more than 80% of data stolen in breaches of company systems is payment card data, according to the 2009 Verizon Business Data Breach Report.

Let us do our best to tackle it together.

By Darren Wilson, CEO, HSBC Merchant Services

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
