Businesses need PCI compliance and more to keep customer information secure
While PCI compliance is a must-have for any business receiving credit or debit card payments, it cannot be the only method for safeguarding customer information.
Modesto Save Mart Supermarkets, a grocery store chain in California, recently said card readers at its self-checkout lanes had been breached. Tracy Kitten of Bank Info Security's Fraud Blog writes that it is not known whether the PIN pads were swapped or manipulated to steal card data. She said a start to addressing future incidents would be to make sure the systems are PCI compliant.
"Here's my take: PCI compliance should be a given, but it doesn't address all of the risks," she writes. "And a cardholder transition to [Europay, MasterCard, Visa chip and PIN standard], even if initiated tomorrow, will take years to roll out fully. The industry needs a quick-fix solution, and determining what that might be has proven more challenging than one might assume."
Businesses should make sure they keep pace with the highest industry security standards, otherwise they may see customers flock to competitors that have better-protected payment systems and numerous security credentials