Payment experiences must be efficient, secure and reliable for both the customer and the small business owner. Businesses that accept credit or debit payments need to comply with the Payment Card Industry Data Security Standard (PCI-DSS), which establishes minimum data security measures for organizations around the world that hold, process or exchange cardholder information from any of the major card brands. Protecting cardholder data can seem expensive and a bit overwhelming to small business owners, most of whom already wear many hats. However, the financial and reputational costs of a breach can be significant—in some cases jeopardizing a business altogether.
Small businesses have a responsibility to protect their customers’ data, but they do not have to do it alone. Instead, decision makers should talk to their payments provider about solutions and experts that can help their business become and stay compliant. Layered payment security is critical to helping protect sensitive payment card data. The First Data TransArmor solution is powerful payment card security that combines the flexibility of software- or hardware-based encryption with random-number tokenization technology. By removing the need for small businesses to store card data—replacing it with a randomly assigned number called a token— the TransArmor solution protects payment card data and prevents it from entering the merchant environment. As a result, systems never hold the actual card numbers from the transactions processed. TransArmor minimizes risk by reducing the scope of PCI compliance, shifting the burden of protecting cardholder data, and allowing the 'token' to be used for other business and sales functions such as returns, sales reports, and analysis.
In addition to addressing PCI compliance, payment providers can help small businesses stay up-to-date with emerging data security trends and technologies such as EMV and smart card adoption that are becoming more important than ever. The term EMV, which stands for EuroPay, MasterCard, and Visa—the three companies that devised the standard—refers to a set of fraud reduction technology standards that ensure payment applications using chip-based cards are compatible around the world. Business owners and operators should conduct a full assessment to understand the impact of EMV and participate in industry discussions, not only to get educated, but to have the opportunity to influence how the payments ecosystem moves forward with smart card implementations. EMV coupled with TransArmor will create an effective layer of protection for merchants.
Bruce Dragt is senior vice president of payment acceptance at First Data.