Protecting Cardholder Data with PCI Security Standards – Introduction

The twentieth century U.S. criminal Willie Sutton was said to rob banks because “that’s where the money is.” The same motivation in our digital age makes merchants the new target for financial fraud.   Occasionally lax security by some merchants enables criminals to easily steal and use personal consumer financial information from payment card transactions and processing systems. 

It’s a serious problem – most recently compiled statistics show more than 234 million records with sensitive information has been breached since January 2005, according to Privacy Rights Clearinghouse.org.   As a merchant, you are at the center of payment card transactions.  So it is imperative that you use standard security procedures and technologies to thwart theft of cardholder data.  Merchant-based vulnerabilities may appear almost anywhere in the card-processing ecosystem, including point-of-sale devices, personal computers or servers, wireless hotspots or Web shopping applications, in paper-based storage systems and unsecured transmission of cardholder data to service providers.  Vulnerabilities may even extend to systems operated by service providers and acquirers, which are the financial institutions that initiate and maintain the relationships with merchants that accept payment cards.  Compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) helps to alleviate these vulnerabilities and protect cardholder data.(1)

Do not fall into the mistake that only the big boys are the ones who are breached.  Sure we hear and see the news about Heartland, TJMax, Office Max, Dave & Busters Restaurants , Hannaford Brothers Supermarket Chain, 7-Eleven and others.  However, they account for only 20% of the breaches.  Since 2005, more than 80% of the instances of unauthorized access to card data have involved small merchants, according to Visa USA Inc.  These small businesses account for 85% of the seven million locations nationwide that accept credit cards. 

Already in April of this year there has been a security breach in a small eatery in Minnesota, The Mad Capper Saloon & Eatery.  Last year in September a MacDonald’s in Miami, Florida uncovered a skimming operation that was ongoing for close to 8 months.  This resulted in over $50,000 worth of fines, fees and audit costs.  Then there is the multimillion dollar suit being filed by 7 locally owned restaurants in Mississippi and Louisiana against a Louisiana-based distributor for a point of sale system for violating data protocols, which directly contributed to security breaches at these restaurants.

Are you at a loss or unsure about the complexities of the PCI Compliance requirements and how best to easily fulfill these requirements?  Have you attempted to figure all of this out and just want to throw up your hands about it?  Do you want to have peace of mind that you are as secure as possible, while not having to place a lot of time and effort into doing so?  We have established a strategic business alliance with Effective Payment Management to provide our clients with the necessary expertise and options for being PCI Compliant.  If you are interested in exploring your options, so you can easily have the security in place to protect you and the cardholders who pay via credit card for your products or services, then complete the FORM below and forward your contact information. 

Pump Up Your Website has established a strategic Business Alliance with Effective Payment Management to aid businesses to take full advantage of PCI Compliance, while not becoming encumbered by the complexities.  Once you completed the FORM below and provide your contact information, Bill Hearon from Effective Payment Management will follow up with you within 24 hours and work with you to facilitate your having all in place in an as easy and painless manner as possible.

[contact-form 1 "Contact form 1"]

(1)   PCI Quick Reference Guide, pcisecuritystandards.org.