As the pandemic continues on, make sure you continue to protect cardholder data. Here's how...
If you're like many businesses, in order to persevere during and beyond the COVID-19 pandemic, you may have had to pivot quickly. Merchants that only had brick-and-mortar locations before the pandemic may be the most vulnerable as they quickly added e-commerce and over-the-phone payments. Here are 3 tips to help you maintain PCI compliance now and in the future with automated Acumatica integrated payments PCI Compliance.
Frightening statistics demonstrate desperate need
The PCI Security Standards Council is the governing body chartered with protecting cardholder data. The PCI Council defines requirements for PCI compliance and recently shared tips to continue to secure their customers’ payment data in this rapidly changing situation. Cybercriminals are not taking a break and are working overtime to exploit weaknesses resulting from rapid changes. The statistics are frightening. According to the PCI Council:
- 475% increase in malicious reports related to Coronavirus in March
- 41% of small businesses that suffered a data breach paid more than $50,000 to recover
- 29% of consumers surveyed said they would never again use a business that suffered a data breach
Tip #1: The best protection = don't have anything to protect
One of the most common, but overlooked, sources of stolen credit card numbers isn’t the Internet, it’s literally sitting out in plain sight. When restaurants and other businesses shifted rapidly from dine-in to curbside delivery, the increase in phone payments jumped exponentially. If they didn't have a secured system to enter card details into, they wrote those card details on paper.
That piece of paper is too easy to walk off with. And that slip frequently includes all the credit card details needed to use the card online, including cardholder name, CVV, and expiration date. If you're one of hte many merchants now offering curbside pickup, it's critical to invest in a secure system and train staff how to enter cardholder details directly into it.
Tip #2: Make passwords strong
The PCI Council specifies a strong password should have seven or more characters and a combination of upper and lower case letters, numbers, and symbols (like !@#$&*). A phrase that incorporates numbers and symbols is also considered a strong password. Be sure to select a phrase with a meaning to you so you can remember, like your latest hobby, for example ILove2Bake!.
Breaches resulting from a weak password are typically preventable and is often the leading cause of data breaches for businesses. It’s recommended that you update passwords periodically. Avoid using a weak or worse, a default password, which is a favorite source of cardholder data thieves.
Tip #3: Utilize a trusted PCI expert
When reaching out to your current or prospective credit card payments provider to enable you to pivot to new payment types, make sure your service provider adheres to PCI DSS requirements. For Acumatica and Sage 100 merchants, your fastest route to PCI compliance is by utilizing an integrated payments solution.
VIP Payments is a leading provider of integrated payment technology solutions to North American merchants, differentiated by their strategic partnerships and multiple platform model. VIP provides a broad suite of end-to-end payment solutions and superior US-based customer support. They have spent more than 10 years integrating and developing relationships.
VIP’s credit card processing solutions integrate seamlessly with your Acumatica ERP/accounting system, allowing you to accept credit card payments inside your software. The integration automatically posts payments to invoices, so there’s no need to go back into your program at the end of the day to reconcile your invoices or balance your general ledger. How much time could that save you every day?
Contact the experts at VIP Integrated Payments today to start saving time and money with Acumatica Level 3 integrated payments. You can reach VIP by phone at (888) 791-9390 ext. 101, or email.
