04 Mar Preventing Credit Card Fraud: What is PCI Compliance & How Does it Protect Your Business?
It seems that the more technologically advanced our society becomes, the more at risk we are for fraud and theft. Just recently, major corporations, such as The Home Depot and Target, have had major security breaches, and the customer information in their databases was stolen, including thousands of credit card numbers. As a result, customers are more nervous than ever to entrust their personal and credit card information to merchants. AdvoCharge is committed to keeping your and your customers’ information as secure as possible, which is why we find it imperative to discuss the importance of PCI compliance and how it protects your business and customers.
PCI DSS stands for “Payment Card Industry Data Security Standard,” a set of rules that all merchants who accept credit card services must abide by to ensure their customers’ payment data is kept securely in the company’s system. The specific rules that apply to you vary depending on the size of your company — they’re managed by the PCI Security Standards Council but are enforced by the individual payment brands you offer. To find out which rules you’re responsible for adhering to, check with the payment brands you accept.
The PCI Security Standards Council outlines three steps involved when abiding by the PCI Data Security Standard to become PCI compliant:
“First, Assess — identify cardholder data, take an inventory of your IT assets and business processes for payment card processing, and analyze them for vulnerabilities that could expose cardholder data.
Second, Remediate — fix vulnerabilities and do not store cardholder data unless you need it.
Third, Report — compile and submit required remediation validation records (if applicable), and submit compliance reports to the acquiring bank and card brands you do business with.”
While it may seem that larger corporations have more to fear when it comes to hackers and identity theft, smaller merchants should be just as protective. Whereas the size and the amount of information large companies hold make them appealing targets, smaller merchants are highly susceptible to credit card theft from thieves who steal numbers with internal skimmers, take the physical card’s information as it is swiped, and/or steal information online, as it’s being processed.
The penalties for having credit card data stolen from your system, regardless of your company’s size, are severe and can cost thousands of dollars for only one stolen card. If a card number is stolen from your system, you’re not only responsible for all of the fraudulent charges made on it, but also for a forensic audit, card replacement fees, fines, and any other future liabilities. Protecting your customers’ credit card information pays in more ways than one.
For small businesses, especially, setting up security may be not only daunting, but also expensive. Many sales agents profit handsomely by selling security systems at outrageous prices. But AdvoCharge is a better and more reliable choice, as we use Trustwave, one of the most trusted names in PCI compliance, and charge you only $5 a month to stay compliant. If you’re not sure whether you’re PCI compliant, contact AdvoCharge as soon as possible at (844) 238-6669.