Technology Today: 4.27.2010

Posted by TED Magazine on Tuesday, April 27, 2010

PCI mandates effective July 2010

I just returned from a distributor user group meeting.   It was evident from the seminars and the general buzz that Data Security was a hot topic. It has now become a primary consideration for every distributor that accepts credit cards and debit cards for the payment of goods or services.  To promote the security of the credit and debit card payment systems, the major card brands have now established the Payment Card Industry Council (PCI) to oversee its Data Security Standards (DSS).

Distributors of all sizes must now ensure that cardholder data is protected from a security breach.  A typical breach can cost a small business like yours $25,000 - $50,000.  That number can be much higher depending on the number of cards compromised!  To protect card-holder data and mitigate financial exposure, it is imperative that all merchants validate and demonstrate PC-DSS compliance.

Businesses or organizations that accept credit or debit cards are required to be compliant with the Payment Card Industry Data Security Standards (PCI DSS) by July 2010.

What are these standards?

Under the PCI DSS set of requirements, all organizations that accept, store, or transmit credit card information must maintain a secure environment to protect consumers and their cardholder data from fraud or theft. The PCI DSS outlines best security practices to protect businesses against credit card breaches. Any organization, regardless of size, that accepts credit or debit cards as a form of payment in person, by phone, or online must be PCI compliant.

How does this impact my organization?

Organizations that are not compliant are at a greater risk of security breaches, may incur fines from the card associations (Visa and MasterCard), and may lose the ability to process card payments. Don’t let that happen to you!

Where can we go for help?

According to Randy Tillim of NXGEN Payment Services, companies such as Elavon’s PCI Compliance Program, take a comprehensive approach to help your distributorship manage cardholder data and ensure compliance with these new requirements.  PCI compliance will protect your reputation as well as your bottom line.

Payment Services companies such as NXGEN are already working with your fellow distributors.  Also, Infor, Activant and other ERP providers are actively working on these issues with regard to compliance within their respective systems.  For more information, please contact me at Stacey@dtgworldwide.com.  I would like to hear from any distributors that have audits or are currently dealing with PCI Compliance.

For information on NXGEN, Randy Tillim can be reached at 888-245-7216, ext. 703 or rtillim@nxgenmsp.com.