A critical component of any business's success is being able to accept payments for goods and services. At the same time, we are keenly aware of the risk associated with doing so. Whatever one trades, whatever the business, any and every credit or debit transaction processed will involve sensitive personal information. This data has to be transmitted and stored in a secure environment.
With an understanding of both sides of the payments coin, card schemes like MasterCard and Visa insist that any business taking debit and credit payments comply with the Payment Card Industry Data Security Standard (PCI DSS). It is the best method for ensuring both the business and its customers are protected from the possibility of digital criminality.
PCI DSS Compliance
PCI DSS is a common set of industry tools and measurements established by the major credit card companies to ensure the safe handling and security of sensitive customer information supplied to merchants. Cardholder information can range from anything held within the magnetic stripe or chip to any numerical details printed on the card. This can include the PAN (Primary Account Number), which fraudsters would use to impersonate the cardholder.
PCI DSS compliance secures the points from which any information can be accessed and stolen. These areas can include, but are not limited to, paper stored in a filing cabinet, a compromised card reader, a weak database or a hack into a wireless network.
Small businesses, in particular, are a prime target for digital criminality. This is because they are perceived as using less sophisticated security systems. Regardless of any third-party responsibility, no business owner should forget that it is the business's responsibility to ensure any and all cardholder information is thoroughly protected.
If cardholder data were stolen and there were no evidence of PCI DSS compliance, there could be a raft of consequences. The business could lose the ability to accept card payments and face fines, penalties and, worse, loss of confidence from customers. There may be higher subsequent costs to become compliant. There is also the likelihood of going out of business.
Where to Start
Complying with PCI DSS standards requires meeting 12 specific guidelines that cover security management, procedures, software design and network architecture.
How the business accepts payments influences how the requirements should be met. Most small merchants need only fill out a self-assessment form available on the PCI Security Standards Council website. Another option is to use an online PCI portal offered by merchant acquirers, such as ours. The portals are dedicated areas, supported by qualified security assessors. They provide step-by-step functionality that walks through the assessment and offers information on how to become and remain PCI DSS compliant.
The business will have to use an authorised route for PCI compliance. This can be either directly through the PCI Security Standards Council or through one of its approved providers or companies.
Point of Sale Tips
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.