The holiday shopping season is just around the corner and merchant security is incredibly important. With the recent local and national data breaches fresh in our minds, it’s important to take the proper steps and precautions to ensure you don’t become a victim. Whether you’re an online merchant or you prefer the brick-and-mortar approach, you can benefit from heeding the following advice:
- Don’t store any irrelevant cardholder information. If it’s not necessary to efficiently run your business, don’t store any customer information. If you need to write down a customer’s card information, be sure to securely shred the file once your business is conducted.
- Use secure passwords. All of the computer security in the world isn’t going to help a weak password. Choose a password that is easy to remember, but hard to guess, or use one of the various online password managers like LastPass.
- Insist your employees maintain high security standards. Remind employees to use strong passwords on their account, never store customer information longer than they have to, and ensure that no one is granted unauthorized access to any confidential information.
- Upgrade your POS system to accommodate EMV cards. One of the major upcoming changes in the credit card processing industry is the implementation of the EMV liability shift. While merchants do have until October of 2015 to upgrade their current terminals if they are not EMV compliant, it’s better to be prepared and familiar with your terminal ahead of time.
- Do not allow unauthorized individuals to perform maintenance on your terminals. Credit card and phishing scams are becoming increasingly more sophisticated. Ensure that only authorized individuals or your merchant services providers are working on your terminals. If your terminal appears tampered with, discontinue use of the terminal and call your merchant services provider immediately.
- Keep all software up to date. Ensure that your web hosting company and payment gateway are secure and compliant with industry security standards. Be sure your firewall is actively protecting your terminals and it is properly configured to disallow unauthorized access.
- Be PCI compliant. The Payment Card Industry Data Security Standard (PCI DSS) is a set of rules and guidelines that help ensure a merchant is taking the proper steps to maintain data security. Being noncompliant with PCI can result in major fines should a data breach or information theft occur.
The information above can be found in a full and more detailed format at the official Visa website. Click here for Visa Data Security: Tips and Tools for e-Commerce Business and click here for Visa Data Security: Tips and Tools for Small Merchant Businesses.
Advanced Merchant Group wishes you a safe and enjoyable holiday season. Feel free to call us with any questions or concerns you may have. As always, we can be reached directly at 877.99.SWIPE. or through our contact page.