Franchise Update Media

Under Lock and Key: PCI Compliance And Data Security Is Sound Business Practice

Every business that accepts credit/debit card payments must comply with the Payment Card Industry Data Security Standard (PCI DSS). Doing so is more than a requirement; it's a sound business practice that offers the protection your business needs against potentially devastating consequences from credit card data theft.

That protection is especially important to franchisees, as restaurants are the most popular targets of credit card thieves. According to Visa International, remote access by hackers was the source of 41 percent of all credit card data theft in 2010 - with Level 4 merchants the target of 96 percent of all hacking.

Many merchants believe that their merchant bank or ISO covers them for PCI DSS compliance. That's not the case, and it's ultimately the merchant's responsibility to ensure PCI DSS compliance. Credit card breach investigations do result in fines for the affected merchant's acquiring bank when a breach is proven to result from PCI DSS non-compliance, but merchant contracts with acquiring banks typically hold merchants liable for those fines should a breach occur, which transfers the burden to the merchant who was hacked.

That burden exposes restaurant franchisees to tremendous financial loss:

  • Fines of up to $500,000 per incident
  • Liability for all losses from compromised account numbers
  • Liability for the cost of re-issuing compromised cards
  • Potential suspension of merchant accounts

The severity of these fines and penalties is the reason 76 percent of small businesses that experience a customer data breach close their doors permanently within a year. And that in turn is why it's in the best interest of the franchise organization to protect against customer data theft.

Fortunately, PCI DSS is very clear about what constitutes compliance, and franchisees who demonstrate thorough PCI DSS compliance are generally shielded from liability should data theft somehow occur. Compliance involves addressing these key PCI DSS requirements:

  • Build and maintain a secure network. Simply put, it's your responsibility to make it extremely difficult for hackers to penetrate your network.
  • Protect card holder data. Don't store card holder data in easily accessible reservation systems and loyalty programs. Better yet, store all credit card data off-premises, and access it through a secure gateway.
  • Maintain a vulnerability management program. Institute measures that give you a proactive rather than reactive posture to quarterly vulnerability scans.
  • Implement strong access control measures. Do your best to ensure that only personnel with an absolute need are able to access or view card holder data, and carefully monitor access.
  • Maintain information policy. Employee vigilance is key to Make sure everyone who accesses your network and sensitive data understands the measures you've implemented for protection, and why.

If you address these requirements and achieve and maintain PCI DSS compliance, you're on the surest path to remaining safe from the potential damage inflicted by thieves on the hunt for valuable customer credit card data.

Paul Arceneaux is chief marketing officer for ANX, a leading provider of managed compliance, and connectivity solutions. He has more than 20 years of security, technology product development, and marketing leadership.

A Franchise Update Media Group Production Franchise Update Media Group | P.O. Box 20547 // San Jose, CA 95160 // PH. (408) 402-5681
Copyright © 2001 - 2015. All Rights Reserved. Site Hosting Provided By: wishVPS on FUMG3