PCI Oh My: New Study Shows Compliance Can “Make or Break” Merchant Relationships

A new ControlScan survey is making the rounds of the financial press, showing that “one in four acquirers say that how they approached Payment Card Industry security standard compliance caused them to lose merchant accounts.”

As one ControlScan exec said, “Easing their merchants’ PCI compliance pain is certainly to the acquirer’s competitive advantage, but for risk reasons, it’s important to actually get the merchants compliant.” That matters because another large breach or hack, with your company in the middle of that unwanted news, will often irreparably damage another critical merchant relationship: the one with customers.

Neiman Marcus, for example, was ordered “to pay $1.6 million to settle a class-action lawsuit over a 2013 security breach that exposed the credit and debit card data of about 350,000 shoppers,” just this past week. The effects of such security lapses often linger for years.

Among the tips for easy PCI Compliance, as summarized by PC World, are:

  • Don’t store Cardholder Data
  • Choose a PCI Compliant Web Host
  • Use a separate network to process payments
  • Secure all mobile card readers

For that last bit of advice, the article suggests that “basically you should ensure the mobile devices are kept physically and digitally secure from theft, unauthorized use, malware, and hacking. Don’t jailbreak or root your device or enable other functions that can make the device insecure, like USB Debugging on Android devices.”

If you’d like any help getting PCI Compliant at your own business — and more secure in an increasingly insecure world — contact your AVPS rep today. We’ll be happy to help!

