The National Retail Federation (NRF) has gone on the record as opposing any legislation that would force retailers to follow data security rules created for the banking industry. Instead, it has asked Congress to pass a uniform national data breach law.
Merchants and all other parties involved in electronic transactions have to take every precaution to protect all entities from identity theft and fraud resulting from payment security breaches. If you accept credit card payments, the Payment Card Industry Data Security Standard (PCI DSS) should be adhered to as your first line of defense for protection.
Acquiring and maintaining PCI compliance isn’t complicated. The process is made up of common sense practices to assess your payment card processing scope and analyze it for vulnerabilities that could potentially expose cardholder data.
Identity theft is not a new phenomenon — just ask the estimated 15 million Americans who are victimized by it each year. What is new is business identity theft, a growing threat that the Better Business Bureau, FBI, state governments and independent organizations are now publicizing in the hopes of protecting the business community.