Keep your customer’s data safe with these useful tips.
Five tips for proper handling the credit card information of your customer.
Approved Software Use
When a merchant uses POS (Point of Sale) terminal, mobile running payment processor software or swipe machine to conduct transactions, as a merchant it is your duty to make sure that your hardware, as well as software, is PCI Compliant. There are many applications and card readers available that come with security loopholes.
Genuine Service Provider
You can avail services of a reputed service provider to install credit card processing software, manage credit card processing as well as credit card storage for your business. Service provider includes:
SaaS (Web-based software)
IVR phone services
It might also include companies to which the merchant outsources payment-processing functions. Through extensive testing of these service providers, you can make sure that they are trustworthy. Qualified Security Assessor (QSA) who performs a comprehensive audit of policies, procedures and the system of the service providers does this type of testing. You can only use PCI DSS Validated service provider as a part of a contract signed.
Storage of Sensitive Information
Payment processing regulations specifically prohibit the storage of credit card security code or any data contained in the magnetic strip of a credit card. Although you may have business reasons for storing credit card information. The card security number is in place to know whether a user of the card over the phone or internet has the possession. But if the security code is stolen, this approach will not work. In the magnetic stick, which is on the backside of the credit card, track data is stored. This contains the information on the account that is otherwise don’t show on the card. This data assists with authentication and the card cannot be fake.
Encrypted Electronic Storage
For recurring payment authorization or mail order authorization, the merchant might have to store credit card number. If such sensitive data is there as paper documents, you should keep it in a secure place. If you process recurring transactions, you can also store credit card number via electronic storage.
No comments:
Post a Comment