The 2016 KPMG Consumer Loss Barometer reported recently that 20 percent of consumers would abandon a retailer permanently in the event of a data breach. The best way to avoid a breach for your business is to ensure you are following Payment Card Industry’s Data Security Standards (PCI DSS). If you suffer a breach and do not comply with these regulations, you could end up paying fines and be liable for any losses incurred on the compromised cards.
The PCI DSS are a set of regulations put in place to ensure that all companies that accept, process, store, and/or transmit cardholder data (i.e. credit card information) do so in the safest possible manner. The PCI DSS are run by the PCI Security Standards Council, which is an independent body founded by the five largest credit card companies. They started this initiative in 2006 to improve the security of transactions. The five credit card companies that comprise the PCI Council believe that sellers and organizations that accept credit cards are responsible for the security of those transactions. This is why it is crucial that highly secure, preventative measures are put in place to stop the theft of cardholder data. PCI Compliance is crucial for a number of reasons.
If you’re using more than one independent provider to service your payment cycle, then you are more than likely sending and storing your customers’ data across all of your different providers. This places the responsibility for validating and maintaining PCI compliance on your business. Every time you pass data between your different providers, PCI compliance regulations require that the seller ensure that each and every step is encrypted and protected in a way that only authorized parties can access. The PCI Council provides a self-assessment questionnaire that includes a checklist of the requirements that need to be fulfilled, depending on transaction volume.
Annually, Sterling Payment Technologies conducts an extensive review of our own systems to guarantee that the highest security standards are in place for the handling, processing, transmission, and storage of your card data. Sterling has created a program for merchants that determines whether they are operating in compliance with PCI DSS. The process pinpoints vulnerabilities in a merchant’s credit card processing system, including their POS systems, computers, servers, Internet applications, online shopping carts, paper-based storage systems, and unsecured transmissions of cardholder data to service providers. Complying with the PCI DSS is your greatest defense against hackers who are looking for weak spots in the network that enable them to get in and steal cardholder data. For those merchants not utilizing Sterling Payment Technologies, the responsibility of maintaining and validating PCI compliance typically falls directly on their shoulders.