Are you absolutely sure your payment-processing security is 100% foolproof and invulnerable to data theft? All it takes is one disgruntled or unscrupulous employee to walk away with customer credit card information…
…Can you say with complete confidence there are no risks in your store’s payment processing chain-even if said disgruntled employee copies credit card info and tries to, say, purchase a new pair of shoes with it?
And even if you have no qualms about the morals of your employees, how can you be sure that a remote cyber criminal can’t hack into the payment processing transaction history? Can you guarantee that your customers won’t be the victims of malware, phishing, remote access, and card-reader skimming devices?
Moreover, is your point of sale (POS) system outdated? Is your password 123456?
For threats and security concerns like these, the PCI (Payment Card Industry) Security Standards Council (PCI SSC), a global forum and community dedicated to keep merchant systems secure, has developed a new tool that will help small business owners ensure that their customers’ sensitive payment card information will remain safe.
According to Verizon Data Breach Investigations Report, lots of small business may benefit from the tool. In fact, the Report finds that over 60 percent of breached organizations surveyed were small businesses.
In light of this, how can the new tool PCI-SSC has launched help prevent cyber criminal attacks?
For starters, the new technology can assess how vulnerable your payment environment is to security risks.
You might not have the technical knowledge needed to effectively manage security risks against cyber (or in-store) attacks. But the PCI Security Standards Council online tool (it’s called the “PCI Data Security Essentials Evaluation Tool”), along with updated educational resources, creates a simpler way for small merchants to evaluate how they are addressing critical security risks for their specific payment environment.
Another problem facing small business owners is that payment technologies often change at seemingly lighting speed. This presents two problems. First, if you don’t adopt new payment processing technology, how do you know that your system’s security won’t be outdated? But if you do switch to the latest payment-processing software, will you know how to use all the bells and whistles it offers to prevent hacking?
Regardless if you update to the latest in payment processing tech or remain with your current payment environment, the new evaluation tool provides teaches small businesses what the most common, critical risks for their specific payment processing environment are. Moreover, the PCI Data Security Essentials Evaluation Tool provides the proper resources to address potential threats.
Another problem facing small business owners is that they simply don’t have the time to have a conversation with their payment partners about security threats. And even if there is time to discuss security essentials, what questions should a business owner or general manager ask?
To answer the question, the PCI Data Security Essentials Resources provides small business owners with the questions they need to ask their payment partners to have a dialogue on payment security.
Think of it this way: if you’re about to buy a house but know practically nothing about real estate, you’re not going to ask the real estate agent or home inspector the right questions. But even if you’re nowhere near expert at understanding cyber threats, the PCI Data Security Essentials Resources acts like your coach in this capacity. Using the Resources will boost the small business owner’s understanding of proper payment security.
The new online tool and resources follow on the heels of the PCI Small Merchant Taskforce, a global, cross-industry consortium launched by the Council in 2015. The Council developed these educational materials and resources to help small merchants protect payment card data from potential compromise. The taskforce includes global payment security experts, merchant associations, and merchant banks working directly with small businesses.
For more information, visit PCI SSC’s Merchant Resource Page.
Need to learn more about PCI standards and security? Postec CEO Mike Seymour sits on the PCI Security Standards Council Board of Advisors as a representative from the trade group, Retail Solutions Providers Association (RSPA). Contact us today with any questions you might have.