In the business world, processing electronic payments is an essential part of most businesses. Here are some tips for protecting your customers’ information and making sure you are PCI compliant.
Make Sure your Equipment is PCI Compliant
Using an outdated point of sale system or other equipment puts your business at a much bigger risk than most people realize. Always make sure your POS system, swiper and even cell phones used to process payments are PCI compliant. In addition, make sure all software is updated regularly and is also PCI Compliant.
When purchasing new software or equipment, be sure to ask about compliance. Some software systems and other equipment being sold today are not compliant and have security issues and vulnerabilities. Protect your customers and your business by only using compliant systems. Not sure if your system is PCI Compliant, check on this list:
Hardware: Approved PIN Transaction Security Devices
Software: Validated Payment Applications
Work With Only Approved Providers
Most business owners do not have the time nor expertise to install, configure and manage their own processing software. If you hire a company to work with your processing software, make sure they are reputable and approved. As a part of your business’s PCI Compliance, you must only work with PCI DSS Validated service providers.
Do Not Save Card Numbers For Any Reason
Credit card processing regulations specifically forbid the storage of a card’s security code or any “track data” contained in the magnetic strip on the back of a credit card.
The card security number is the three-digit number on the back of Visa/MasterCard/Discover cards or the 4 digit number on the front of American Express cards. It is a way for merchants to know whether a customer authorizing a transaction over the phone or via the Internet actually has the card in their possession. This approach only works if the security code is never stored with the card number.
Most merchants understand they should not store security codes or track data. But, you need to make sure the information is not stored as part of the system you are using.
Electronic storage of credit card account numbers should be encrypted. Paper copies must be stored securely.
In some situations, such as mail order payment or recurring payments, merchants must keep credit card numbers either electronically or on paper. When electronically storing to make sure to always store these file in an encrypted format, using an high end encryption process.
Protecting customers’ credit card information is important for your business longevity and reputation. Some simple steps can insure your customers and your business is protected.
If you have any questions or concerns about PCI Compliance, contact Hometown Payment Solutions. We will be happy to evaluate your processes and make any recommendations.