Keeping your personal information, passwords and financial records safe and secure from cyber criminals has always been a priority of all businesses, but it has become increasingly difficult given the abundance of information and devices. Here are the best 5 tips to handle and store credit card data securely –
Use only PCI Compliant software and equipment
Ensure that your hardware and software is PCI compliant- you may think anything for sale is ok to use and is compliant but there are many applications and card readers in use today that have vulnerabilities and security holes. Therefore, you must use reputable hardware and software vendors that have PCI compliant software and hardware.
Trust only authorized service providers
There are many merchants that use service providers to manage credit card processing and card account storage. Make sure that your service provider has taken the external QSA (Qualified Security Assessor) test and are designated a “PCI DSS Validated Entity”.
Don’t store electronic track data or card security number in anyway
Processing regulations specifically prohibit the storage of card’s security code or ‘track data’ contained in the magnetic strip on the back of the card. So while, electronically storing the data do not create a field for the security code and while using paper storage redact the security code.
Track data stored in the magnetic strip also contains information regarding the account that is not displayed on the card. Card readers, though can make this data visible, and software can be created to store it it-without your knowledge. You need to make sure that you do not store any security code inadvertently as well (you can do this by following 1st advice).
All credit card info in electronic storage must be encrypted
Ensure that any electronic storage you use is encrypted using a robust encryption algorithm. So, even if your computer is stolen or hacked, you have some protection for sensitive information. If you have paper documents, make sure they are in a secure place.
Ensure phone recordings of credit card numbers are stored encrypted
Many business record telephone calls for proof of payment authorizations or other reasons. Consequently, you have a database of credit card information that vulnerable to misuse. Thus, you need to encrypt them or store them in a restricted secure directory.