PCI looking to roll out new effort to stop credit card fraud

PCI looking to roll out new effort to stop credit card fraud

Securing credit and debit cards on a website is one of the most important things an eCommerce company can do. Customers stay happy and safe, the company's reputation remains strong and there are no big time complications. SSL certificates by companies like Thawte and VeriSign can be a great way to keep threats of fraud down, but the PCI Security Standards Council is looking into other ways to educate and certify channel partners to help protect against card fraud.

"In an effort to reinforce the security of cardholder data, the PCI Security Standards Council … has announced a new certification program that provides a stamp of approval for channel organizations and field engineers/technicians who work with these validated applications," CRN reported. "This initiative is the outcome of a special task force of merchants, acquirers, payment software vendors and other interested parties looking for a strategy to resolve the vulnerability."

According to the 2012 Global Security Report by Trustwave, 76 percent of breaches last year were caused by errors committed during implementation, configuration and support of payment applications by channel partners and other third parties. This means that educating companies and employees is a must for any business that wants to stay completely secure, as websites are usually only as secure as the employees dealing with it let them be.

Bob Russo, general manager of the council, said the PCI Qualified Integrator and Reseller program will begin later this year, according to CRN.

“We're going to create the certification, which includes about a day’s worth of training on how to install these things securely, how to make sure they are secure, and how to make sure that you're making the merchant aware of their responsibilities as pertains to security,” Russo told the news source.

Companies should always have SSL certificates by high-quality companies like GeoTrust and be sure to educate employees on how to stay secure online, especially when dealing with sensitive information.