Every business that accepts credit/debit card payments must comply with the Payment Card Industry Data Security Standard (PCI DSS). Doing so is more than a requirement; it's a sound business practice that offers the protection your business needs against potentially devastating consequences from credit card data theft.
That protection is especially important to restaurant franchisees, as restaurants are the most popular targets of credit card thieves. According to Visa International, remote access by hackers was the source of 41 percent of all credit card data theft in 2010 - with Level 4 merchants the target of 96 percent of all hacking.
Many merchants believe that their merchant bank or ISO covers them for PCI DSS compliance. That's not the case, and it's ultimately the merchant's responsibility to ensure PCI DSS compliance. Credit card breach investigations do result in fines for the affected merchant's acquiring bank when a breach is proven to result from PCI DSS non-compliance, but merchant contracts with acquiring banks typically hold merchants liable for those fines should a breach occur, which transfers the burden to the merchant who was hacked.
That burden exposes restaurant franchisees to tremendous financial loss:
The severity of these fines and penalties are the reason 76 percent of small businesses that experience a customer data breach close their doors permanently within a year. And that in turn is why it's in the best interest of the franchise organization to protect against customer data theft.
Fortunately, PCI DSS is very clear about what constitutes compliance, and franchisees who demonstrate thorough PCI DSS compliance are generally shielded from liability should data theft somehow occur. Compliance involves addressing these key PCI DSS requirements:
If you address these requirements and achieve and maintain PCI DSS compliance, you're on the surest path to remaining safe from the potential damage inflicted by thieves on the hunt for valuable customer credit card data.
Paul Arceneaux is chief marketing officer for ANX, a leading provider of managed security, compliance, and connectivity solutions. He has more than 20 years of security, technology product development, and marketing leadership.
The only publication dedicated exclusively to the hottest topic in franchising - Multi-Unit and Multi-Brand Franchisees.
A unique event because it is highly influenced by its advisory board, consisting of the very best multi-unit franchisees. The board works diligently to ensure that the conference delivers on its promise of being the best platform for franchisees to learn how to grow their businesses.