Safeguard Your Customer’s Credit Card Data and Protect Your Business From Lawsuits

Taking one single credit card transaction is like someone handing you the keys to their safe, where they keep their money, and asking you to carefully take out just the amount you are owed.  If you don’t handle those keys safely and a bad guy copies the keys and wipes out the safe, then whose fault is it?

PCI, the Payment Card Industry, has standards for any organization that receives or maintains credit card information – even if your business accepts one credit card transaction per month.

This standard is to ensure that all reasonable precautions are taken to protect the credit card and credit information of the individual card holders. It is also to ensure that, should an intrusion or theft occur of the physical servers holding the credit information, that the information contained on the servers cannot be extracted by the intruders / thieves.

The Digital Security Standard (DSS) is a designation of PCI, also known as PCI Level 4. Any organization who collects or maintains credit card data should invest in meeting this standard.

The standard includes, among other things, minimum security as to where the data is housed, how it is backed up and maintained, as well as chain of custody of the documentation and how it should be transmitted.

Technical Action Group has experience in helping many Toronto businesses that store credit cards, make sense of all the rules, execute the necessary technical steps to make sure that they uphold the regulations in a cost effective, yet compliant manner.