Hello, my name is John Kirkpatrick, and with more than twenty-five years experience helping businesses manage their technology, I’m glad to have the opportunity to present a few important data security tips to businesses that accept credit and debit cards. A little time and relatively small financial investment now could potentially prevent a devastating security breach in the future.
You may have heard in the news about security breaches at large companies, involving millions of customers’ credit card information. What you most likely did not hear about were the hundreds of other security breaches that took place in smaller businesses. Industry statistics show that more than eighty percent of data breaches that involve credit card information happen in small and medium-sized businesses.
But the good news is that your own efforts can go a very long way in minimizing your risk of experiencing a data breach. It’s important to the long-term financial health and reputation of your business that you take the time for proactive attention. In fact, the payment industry now requires every merchant that processes cards to be in compliance.
In this video, I’d like to talk to you about your payment processing equipment. Whether you process cards with a point-of-sale terminal, like this one, or with software on your computer, or with apps for your mobile device, you’ll want to be certain your equipment is PCI compliant – that is, compliant with the most up-to-date industry standards for security. If your older, non-compliant equipment is still working, it’s tempting to leave it in operation and not worry about its security features. But non-secure equipment and software leave your business wide open to criminals whose expertise and specialized tools can break into your data and steal it quickly and completely.
For example, a device called a skimmer can be inserted into a non-compliant terminal, which can be opened up in a matter of a few seconds while unguarded. The skimmer collects credit and debit card information as it’s being swiped and electronically transmits the card data back to the criminals who installed the device. If you’re using a PCI-compliant terminal, it cannot be opened and skimmers cannot be installed.
If you’re using older, non-compliant software, you may be vulnerable to hackers, tech-savvy criminals who use sophisticated software and programming to break into your stored customer database and steal their card and personal identity information. Up-to-date, compliant software contains state-of-the-art encryption technology and other safeguards that can help keep hackers from breaking through.
And when it comes to mobile processing, you’ve probably seen a lot of new swiping devices that claim to provide you with easy, convenient card payments. But the companies marketing those devices are not necessarily experienced in card processing and may not be using the kind of secure technology you need. Remember, just because someone sells you a swiping device doesn’t mean they’re selling you security to back it up.
The bottom line is that, when it comes to your equipment and software, it’s vital that you make sure you’re fully PCI compliant. If your equipment or software is more than a few years old, it’s a good idea to check with your payment processor and ask about PCI compliance. Security is just one reason it’s important to choose the right payment processor, who will offer you choices, support and all the information you need to help you save money and grow your business.