A common misconception by many small businesses is that they are too small to have to worry about PCI compliance. This couldn't be further from the truth. If you accept credit cards, you are required to be PCI compliant. If you are not, your dog walking business can face very steep fines. This is where the BetterWalker and Novera Payment Solutions payments integration comes into play. Our integrated payments solution is PCI compliant and EMV ready.
It's important for you to be informed about PCI Compliance, however.
Here's what you need to know.
You are solely responsible for securing your customer cardholder data to meet Payment Card Industry rules.
Small businesses are prime targets for data thieves ... in fact, they are some of the biggest targets because they are the easiest targets. It’s your job to protect cardholder data at the point-of-sale. If cardholder data is stolen (and it’s your fault) you could incur fines, penalties, even termination of the right to accept payment cards, which could be catastrophic for your business.
Why Does PCI Compliance Matter for Your Business?
According to the PCI Security Standards website, more than 340 million computer records containing sensitive personal information have been involved in security breaches in the U.S. since 2005. Criminals target small merchants because most have minimal security for cardholder data. More than 80% of attacks target small merchants.
If you are at fault for a card holder security breach, your small business can face:
- Fines and penalties
- Loss of the ability to accept payment cards
- Cost of reissuing new payment cards
- Legal costs
- Fraud losses
- Loss of the business
What to Secure
Focus first on protecting the cardholder data under your control.
You are responsible for protecting cardholder data at the point of sale, and as it flows into your credit card payment system. The single best step you can take is to not store any cardholder data.
PCI compliance includes protecting:
- Card readers
- Point of sale systems
- Store networks & wireless access routers
- Payment card data storage and transmission
- Payment card data stored in paper-based records
Small Businesses May Evaluate with a Self-Assessment Questionnaire
Most small businesses can use a self-validation tool to assess their security for cardholder data, which includes a short list of yes-or-no questions for compliance. You can access self-assessment questionnaires on the PCI Security Standards website.
How to Meet the PCI Security Standards
The PCI Security Standards website is an invaluable resource for small businesses working to be PCI compliant. Their suggestions include:
- Buy and use only approved PIN entry devices at your points-of-sale.
- Buy and use only validated payment software at your POS or website shopping cart.
- Do not store any sensitive cardholder data in computers or on paper.
- Use a firewall on your network and PCs.
- Make sure your wireless router is password-protected and uses encryption.
- Use strong passwords.
- Regularly check PIN entry devices and PCs to make sure no one has installed rogue software or “skimming” devices.
- Teach your employees about security and protecting cardholder data.
- Follow the PCI standard ongoing 3-step process (below)
PCI Compliance: Ongoing 3-step process
- Assess
This includes identifying cardholder data, taking an inventory of your IT assets and business processes for payment card processing, and analyzing them for vulnerabilities. - Remediate
Includes fixing vulnerabilities and not storing cardholder data unless you need it. - Report
Includes compiling and submitting required reports to the acquiring bank and card brands you do business with.
The bottom line is that PCI compliance DOES MATTER no matter what the size of your business. We understand that it can seem cumberson for small businesses, but that's no reason to put it off or ignore it. The livelihood of your business may be at stake if you suffer a data breach.
The Novera Payment Solutions team works with small businesses like yours to help alleviate the burden of meeting the PCI compliance standards. It's just one of the reasons that BetterWalker has chosen Novera Payment Solutions as a merchant partner to provide credit card processing for their users!
With Novera Payment Solutions and BetterWalker, you can rest assured that the payment processing system for your dog walking business is PCI Compliant.
Request a FREE Quote Today!
