New regulations concerning credit card processing are due to take effect in June, and companies will do well to comply. Visa, MasterCard, American Express, and Discover all support the Payment Card Industry Data Security Standard.
The PCI standard establishes 12 requirements. Chandler Harris summarizes them as follows:
Requirement 1: Install and maintain a firewall configuration to protect cardholder data.
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters.
Requirement 3: Protect stored cardholder data.
Requirement 4: Encrypt transmission of cardholder data across open public networks.
Requirement 5: Use and regularly update antivirus software.
Requirement 6: Develop and maintain secure systems and applications.
Requirement 7: Restrict access to cardholder data by a need-to-know basis.
Requirement 8: Assign a unique ID to each person with computer access.
Requirement 9: Restrict physical access to cardholder data.
Requirement 10: Track and monitor all access to network resources and cardholder data.
Requirement 11: Regularly test security systems and processes.
Requirement 12: Maintain a policy that addresses information security.
Hopefully this list doesn't represent much of a problem for you. Even if it does, losing the ability to process credit card payments or getting hit with fines seems worse, so try not to ignore it.
Also, whether you're already in compliance or have to work hard to achieve it, let customers know about the end result. Along with stuff like Better Business Bureau records, this may be the sort of thing that they'll look for.
Are You Offering Enough Payment Options?Save Your Customers Money, Get Them to Spend More with YouSMB Should Think More About SecurityHow Much Money are you Throwing Away on Wasted Time?Save Money By Supporting TelecommutersNeed Money Quick? Read On…A Package Deal: Make and Save Money Flexibility for Employees Could Mean Money SavedWhere Does Security Fall Into Your Budget?"Your Mama is Making Me Money..." | |||
| Do you have a business site? Submit your business related site FREE! | |||
| |||
Comments
Another issue
Since many Americans use their foreign credit cards to save some money in e-commerce this maybe an issue for credit card companies. Some operators like PayPal don't provide particular taxpayer details of the account owner but IRS has easy access to the information to determine the taxpayer status.
Recent IRS action regarding US taxpayers using PayPal accounts, where PayPal provided the information requested by the IRS and connected with US citizens hiding their income in offshore accounts, raises two questions. First, why IRS didn’t issue a third party summons for a named individual or group of individuals but acted under the ‘John Doe’ summons? And a second, what is the right of privacy of taxpayer in this case?
Credit card owners should be aware that once technology gets advanced and cheaper all of the people who used this kind of tax heaven will owe something to IRS.
Post new comment