Protecting Your Clients’ Data
April 23, 2012
Article courtesy of SBAM Approved Partner Midwest Transaction Group
Millions of customers use credit and debit cards for purchases each year. The flow of money, and information, is at an all-time high. Not only do businesses need to take precautions against fraud for themselves, it is more critical than ever to remain vigilant about protecting the banking information of their customers as well.
Here are some reminders about what should be done to protect credit card information of customers you want to do business with again and again:
Credit card information should never:
- be acquired or disclosed without the cardholder’s consent
- be electronically transmitted by email or any type of text messaging services
- be electronically stored
Credit card information should always:
- be stored in a secured area with limited access
- be moved, when necessary, in a way so that it can be tracked
- be shredded or incinerated when it is no longer needed
In addition, personal identification numbers (PIN) or validation codes (CVV2/CVC2/CID) should never be stored – even in a secured area with limited access AND any electronically generated credit card processing receipt should only display the last four digits of the account number. The expiration date of the card should not be displayed at all.
When conducting transactions through an internet connection, keep these security measures in mind:
- A firewall should be in place at all times and checked regularly for activity.
- Anti-virus software would be running at all times and regularly updated.
- Vendor supplied system default passwords should be immediately changed.
- Security settings should be enabled at their highest levels.
- The connection should be periodically checked for foreign objects that could compromise cardholder information.
- Any service provider utilized in the transaction process, like MTG, should be PCI compliant.
All of these security policies should be assigned to an individual or group to ensure that they are effectively executed and any violations or failure to execute them should be immediately reported to the appropriate individuals. It is more important than ever to protect the credit card information of your customers.
If you have any questions about MTG’s credit card processing services, give them a call at (888) 599-2209 or click here for more information.