You may not think about your card processing system as more than what it does, which is to provide a way for your customers to pay for the products and services you offer. But it's much more than its function. To process those payments, the system needs to take the information from your customer's credit or debit card, contact the financial institution to make sure they have money available to pay, and then finalize the transaction. If your system is ever hacked, fraudsters will have access to all of that card data, which puts your business at risk for liability. While determining liability for security breaches is not a clear-cut process, you don't want to put your business in jeopardy. Since it probably doesn't make sense to go cash-only, read on to find out how to protect your business and your customers.
What is PCI Compliance
PCI stands for payment card industry, and PCI compliance helps to ensure the security of every single credit card transaction your business processes. The PCI Security Standards Council (PCI SSC) is a global forum, founded by American Express, Discover, JCB International, MasterCard and Visa Inc, that develops and drives the adoption of data security standards and resources for safe payments worldwide. They provide the framework, tools, and support resources to help businesses safely conduct card transactions.
PCI Compliance Requirements
To help minimize card payment fraud, PCI SSC launched a set of 12 standard requirements to ensure businesses of all sizes are on the same page and maintaining a secure environment. These standards are designed to protect your business from breaches and to make sure you're compliant with the many rules surrounding payment processing in general (not writing down card data, making sure the applications and other devices are processing transactions securely, etc.). You don't have to reinvent the wheel thankfully. These guidelines are an efficient way to stay up to date on the important information you need to know, and PCI SSC also provides an assessment you can use to ensure you're doing everything right. This will help to prepare not only yourself but your customers as well and include:
- Install and maintain a firewall to protect cardholder data
- Proper password protection
- Protect cardholder data by encrypting data with certain algorithms and performing regular scans to ensure all data is encrypted
- Encrypt transmitted data over public networks
- Use and maintain antivirus software on all devices that interact with primary account numbers
- Properly update all software
- Restrict data access
- Provide a unique ID for authorized user access
- Restrict physical access to cardholder data
- Create and maintain access logs for all activity involving cardholder data
- Regularly test security systems
- Document policies for all systems, software, and authorized employee logs involving the PCI DSS requirements
Make Sure Your Equipment is Up to Date
Your point-of-sale system and payment processing tools are used all the time and need to be secure. This is your (and your customer's) best defense against loss and fraud. Customers are used to making quick and easy payments their way, and you don't want to disrupt the flow of business with data security or fraud concerns. In many cases, you can look to your merchant card services vendor to keep up. It's always a good idea to call and verify that the equipment you're using is updated, and if there is a newer, more secure version, consider upgrading your equipment. If you haven't looked recently, WaFd Bank offers different options for merchant payment processing so your customers can pay the way they want to.
Guarantee Your Transaction
At WaFd Bank, our merchant services provider, Heartland, processes each transaction through Heartland SecureTM technology, so each one is triple-secure to protect customer data. Heartland SecureTM comes with an additional breach warranty at no extra cost to further guarantee that every transaction is protected from a breach or fraud.
WaFd Bank is Here to Help
We know a thing or two about security, and we're here to answer all your questions both big and small. Not only does WaFd offer business accounts and business services such as secure credit card processing systems, we also offer helpful tools like Positive Pay and WAFD Treasury Prime Plus so you can have peace of mind and get back to running and growing your business. Give us a call at 800-324-9375, stop by your neighborhood branch, or contact your local business banker to get started today!
