PCI Compliance is something that most merchants are familiar with these days. Each year, merchants are required to prove that they are handling credit card data properly, that their systems are secure and that the processes they have in place protect the card data. It all sounds good right? Protect card holder information, make sure everything is safe and secure.......but what happens when things go wrong?
We have been fortunate at Total Merchant Concepts in that we have never had a merchant sustain a breach however, in the past two weeks we have been referred to two separate merchants who have been told by their processing companies that their Point of Sale system had been hacked. One merchant is looking at nearly $50,000.00 in fines in addition to having to replace all of their hard drives and processing equipment. The other merchant is just beginning the process and is looking at an $8000.00 tab for having a company come in and conduct a forensic audit- once the audit is over, the merchant will learn what the additional financial burden will be.
When your system is not secure, you run the risk of being hacked and possibly even put out of business by the fines that will follow a breach.
What can you do?
- Take PCI Compliance seriously and be aware of the steps you need to take to protect the cardholder data. Read the PCI FAQ
- Use only Visa Certified Point of Sale systems (Check BEFORE purchasing!!)
- Invest in the necessary security enhancements to keep your system secure (firewalls, routers etc.)
- Train your staff on proper card acceptance techniques
- Only work with processing companies who fully inform you about PCI- the businesses we just talked about had processors who were very nonchalant about PCI
If you need assistance to determine if your card acceptance system is PCI Compliant, please call our office and we will put you in touch with our Visa Certified Assessor (Existing TMC merchants' use of this service is covered by the annual PCI Compliance charge). 1-888-249-9919