Oct 16, 2014

Show ‘Em You Care: PCI Compliance and Your Small Business

If you’re a business that accepts credit card payments, you’ve become familiar with the Payment Card Industry Data Security Standard for protecting cardholder information, commonly referred to as “PCI”. As credit card processors, banks, and businesses get more serious about credit card data security, you owe it to your customers to choose compliance every time. In just the past year, we’ve seen data breach after data breach, on top of data breaches, across all industry sectors. Your customers want to know that you value their security and are serious about protecting their information. Showing your customers and clients that your organization is serious about data security will not only increase the legitimacy of your business, but you will be rewarded with satisfied lifelong customers who will spread the word about your solid business practices. Show your customers your business is serious about PCI compliance in the following ways:
  • SSL or Nothing – SSL (Secure Sockets Layer) is a standard security technology for establishing an encrypted link between a web server (website) and browser, or a mail server and a mail client (like Outlook). SSL allows sensitive information (login credentials, credit card numbers) to be transmitted securely. Make sure your business is only collecting customer data on a secure webpage; this will be indicated by a little lock icon coupled with “https” in the webpage URL.
  • Be Loud and Proud – Ensure your payment processing system is PCI compliant and take the necessary steps to keep your business certified. Flaunt your compliance standards and make them a prominent part of your marketing approach. You will put your customers at ease, as they know you’re doing everything possible to protect their personal information.
  • Help Develop Good Habits – Although an increasing number of consumers are becoming technically savvy, many people are still naïve about the vulnerabilities of email and other online messaging systems. Assume the mom-role and rebuke your clients for sending card numbers, banking numbers, or passwords via email. They may be put off initially but in the end, they will thank you for the lesson.
  • Don’t forget the CVV – Those three little digits (four for AMEX) on the backs of payment cards are not stored on magnetic strips or chips, meaning – in theory – you must have the card in hand to know the code. Always ask for the CVV security code when processing a telephone or online payment. You should never store this information, but it will show the buyer you’re taking extra steps to authenticate the transaction.