Secure Customer Data
Secure Customer Data Through Payments Security
Recent data breaches at major retailers have put a new spotlight on securing your customers’ information. Consumers across all age groups worry about how their personal data is collected and used, but young consumers are not as concerned as older consumers with protecting their personal data. For example, 62% of younger consumers are worried about a company having too much information about their purchases and location, compared to a 74% average across all age groups. (1)
Collecting personal data has its risks, but there are also benefits for businesses that use this information to create more meaningful customer experiences. For example, it can help your business know your customers on a deeper level and form lasting relationships. It can also help create targeted offers that may incentivize return visits. Retaining customer information can also facilitate the returns process or capture information that may be referenced at a future visit. And the list goes on.
An important aspect of personal data security is the card information that your company collects for payments. While there are many considerations to make depending on your specific business and needs, there are some key security measures available to help secure payment card information. Here we’ll highlight four considerations to make as you’re building your security strategy:
Payment Card Industry Data Security Standard (PCI-DSS) Compliance
The Payment Card Industry Data Security Standard (known as PCI-DSS or PCI for short), is a standard across the major global card brands to address cardholder account security. PCI was developed to safeguard the personal information of cardholders while in the possession or use of merchants, payment processors, and other entities that store, process, or transmit payment card information.
Understanding the basics of PCI, defining your merchant level, and understanding your validation requirements are critical. Failure to adhere to these requirements may result in significant fines for merchants and potential cancellation of their merchant accounts by the payment brands. To learn more about PCI, visit pcisecuritystandards.org.
End-to-End Encryption (E2EE)
E2EE is a methodology that addresses security when card data is in transit. PCI compliant companies employ some level of E2EE as they are required to encrypt the data during transmission and “protect” it when it is stored. Most often this protection is in the form of encryption. In this scenario, the data has to be decrypted for processing and encrypted before being stored or transmitted.
Tokenization addresses security when the card data is in transit, at rest, and while in use. It replaces card account information with “tokens” generated by a third-party service provider and does not require merchants to store any card data. Tokens are designed to be used in place of card numbers by all of the merchant’s systems.
EMV (also known as Chip Cards, Smart Cards, or Chip and PIN) is a series of specifications that define a more secure method of payment. EMV introduces a small chip to payment cards and chip readers on payment devices that stores information, performs processing, and contains secure keys that generate cryptographic data. The most important feature of EMV is dynamic data generated with each transaction. This dynamic data makes it difficult to create counterfeit cards or replay intercepted transactions.
How can PCI, E2EE, Tokenization, and EMV contribute to your data security plan? Contact us to learn more.
Get An eBook All-Access-Pass
- eBook About POS
- Grow Your Business Guide
- Improve Your Business
- 5 Steps Secure Your Business
Subscribe to our blog and get an all access pass to our past, present, and future eBooks for FREE.
At Your Fingertips
It's a big job to buy the perfect POS System. This is a robust guide to get you equipped to ask all the right questions to potential providers.
With this FREE service we can point you in the direction to providers who can meet your needs, and potentially exceed your expectations.