In our increasingly cashless economy, it is no surprise that businesses and customers were thrown into a panic when Target announced a breach of the debit and credit card information of possibly over 70 million customers.
Because the immediate threat to customers is easily seen, the threat such a breach poses to payment processors is often overshadowed.
Security is undoubtedly a priority in the payment industry. That’s why, in 2004, the Payment Card Industry Security Standards Council created the PCI Data Security Standards, a set of security requirements which state that all businesses that store, process or transmit credit or debit card information must be PCI compliant.
While the standards must be implemented, it is up to each business to enforce them. In the case of Target, it has been suggested that the standards were not rigorously enforced because of the cost of maintaining compliance [a cost that is 2.65 times less expensive than managing a data breach].
There are several varying stories of what actually happened with Target, but one thing is clear — it did happen and the true story will slowly emerge over time. What is most important is protecting and regaining cardholder trust and confidence.
Payment companies suffer greatly when businesses and consumers begin to lose trust in making and accepting electronic payments. And with more than $4.5 trillion in card sales in the US, no business or payment company can afford to lose that trust.
One way to gain and ensure that trust is to provide PCI compliance to your merchants [if you’re a payment processor] and adhere to those PCI regulations if you’re a business owner.
For example, EDPS ensures that all of our merchants can easily become PCI compliant. For more information on how to become PCI compliant and how EDPS can help you, click here.
If you’re a business owner, another way to make your clients feel comfortable is to let them know that you are PCI compliant and adhere closely to the regulations. Give them more information directly from the PCI Security Standards Council’s website here. Another neat feature is that they can verify your compliance on the website here.
If your business becomes compromised, you should be prepared. According to the Better Business Bureau, a data breach notification policy should be drafted ahead of time and employees should be trained to identify and report suspicious activity. Follow these six steps to learn more about what to do.
If you have questions about PCI Compliance, feel free to contact EDPS at 866.578.9740.
This article was written by Olivia Day, Marketing Manager for EDPS. To contact Olivia, email firstname.lastname@example.org