Credit card security breaches at large retail companies are headline news. Public relations departments, lawyers, and consultants spring into action to control damage to the company’s image. You might be surprised to know that 80% of all attacks are directed at small to medium-sized businesses. A data breach can cost you thousands in fines and penalties, ruin customer confidence, open your company to litigation, and prevent you from running your business. To make matters worse, as of October 1, 2015 the liability for fraudulent purchases lands squarely on the shoulders of the merchant.

EMV or “chip cards” use an embedded microchip to store user data instead of a magnetic strip. The microchips make it harder for credit thieves to create counterfeit or cloned cards.

Encryption and tokenization are technologies that can keep credit card data out of the hands of credit card villains. Tokenization masks the credit card data the moment it is read from the chip in the card. The tokenization process converts the card data into randomly generated alphanumeric values (both numbers and letters). The newly created token is assigned only to the merchant. The token would be useless if another business or individual attempted to use it. Because a token isn’t actually a credit card number, the merchant is allowed to store the information and have it on-hand to speed up the check-out process when the customer makes future purchases. Encryption encodes transaction data while it moves from the card reader, to the card processor, and back again. It is difficult to decode encrypted data without the encryption key. Even if the encryption is broken by a hacker, he will find only tokenized data inside, putting an end to his evil scheme.

PCI compliance is required by any company that takes credit cards. Conforming to Payment Card Industry Data Security Standards (PCI DSS) is an ongoing process. Your system must be able to handle sensitive data, be connected to a secure network, and much more. You may be able to meet the PCI DSS standards on your own, but using a compliance assistance service will make your life much easier. PCI Assist, provided by Worldpay (formerly Vantiv), will furnish the tools necessary to bring your system into compliance, scan your system for potential problems, and monitor your network. With your system protected, you can focus more time and energy on your business.

Insure against the worst-case scenario. If your system is compromised, it could be devastating to your business. Financial protection is available from some credit card processors. For example, Breach Assist, also by Worldpay (formerly Vantiv), will provide financial assistance to help your business rebound if your customer data is stolen. There may be financial assistance available to cover part or all of the cost of post-breach upgrades to hardware. For more information on security products offered by Worldpay (formerly Vantiv), go to:

Protect yourself, your business, and your customers from fraud throughout the credit card approval process. Contact your credit card processer to find out if these options are available to you

By George Maginnis