Credit Cards
   Search, Compare and Apply for a Visa CardSearch, Compare and Apply for a MasterCardSearch, Compare and Apply for an American Express CardSearch, Compare and Apply for a Discover Card
Credit Cards Menu
Low Interest Credit Cards
Balance Transfer Cards
Instant Approval Cards
Reward Credit Cards
Cash Back Credit Cards
Airline Credit Cards
Business Credit Cards
Student Credit Cards
Prepaid & Debit Cards
Credit Card Specials
Search by Credit Quality
Excellent Credit
Good Credit
Fair Credit
Bad Credit
No Credit History
Bank Credit Cards
Advanta
American Express®
Bank of America®
Capital One®
Chase
Citi® Credit Cards
Discover®
First National Bank of Omaha
First Premier Bank
HSBC Bank
MasterCard®
Orchard Bank®
Visa®
Credit Card News and Advice
News About Credit Cards
Credit Card News Archive
Credit Card Blogs
Credit Card Tools
Credit Card Calculators
Credit Card Finder
PrivacyWise
Credit Card Site Map
Accept Credit Cards
Merchant Account Providers
Merchant Account Articles
Online Credit Card Applications

Credit Cards > Articles > Merchant accounts > Guarding credit card information

 Print 
 Email 

Guarding credit card information

By Jeremy Simon

Merchants need to be sure they are taking all the necessary precautions to protect their customers' credit card information.  Losing your customers' credit card information is an easy way to lose your customers.

Compare Low Interest Credit CardsThe payment industry is attempting to police itself before legislators enact and impose their own regulations.  The Payment Card Industry Security Standards Council's Data Security Standard is a group of standards commonly agreed upon by Visa, MasterCard, Discover, American Express and JCB, which must technically be met by any merchant who accepts credit cards.

PCI DDS aims to protect consumer information from identity theft.  Merchants who fail to comply with PCI DDS could suffer consequences ranging from loss of the ability to process credit card transactions up to fines of as much as $500,000.  Certain types of businesses may require an audit by a PCI DDS certified security auditor.

As for the basics of PCI DDS, information security policies are required to be written down.  These policies should be clear to everyone, including employees, and should cover both PCI DDS requirements and the regulations of any states with which you do business.

In order to protect your company's network, be sure to disconnect from the Internet when business is closed.  An unattended network connection represents an opening for hackers.  Think about whether you always shut down servers, network switches and routers; the more doors you lock, the safer you become.

Additionally, do not put all your data onto a single server, since all your data will be in danger if that server is compromised.  Major steps in the direction of meeting current and future compliance regulations include getting an additional server for sensitive data, limiting who has access, encrypting data, and limiting connectivity to the Internet.

Avoid using wireless networks when sensitive information is involved, since outside hackers can access wireless features on a laptop.  Also, invest in encryption, so that you will not need to let clients know if you lose a laptop or are the victim of a breach.

Finally, be aware of the danger posed by employees.  By limiting and knowing who has access to you system will help you meet the requirements of PCI DDS as well as allowing for regular monitoring to prevent data theft by employees.  And, since employee negligence results in the vast majority of all losses, train your employees to protect business assets.

Published: June 1, 2007

For more information on credit cards and related topics, please see our library of articles.

Your financial situation is unique and our information and advice may not be appropriate for your situation. Accordingly, CreditCards.com recommends that you get different opinions and seek the advice of your accountant and other financial advisers who are fully aware of your individual circumstances before making any final decisions or implementing any financial strategy.

Want to know more? Below are articles and resources that should be of interest to you: