Data security and the PCI compliance process always need to stay top of mind for our merchants.
To make sure this is the case, we can’t think of PCI as a one and done deal. We have to reinforce the issue throughout the complete merchant lifecycle. Below are three convenient occasions when you can bring up the PCI compliance process and PCI compliance assessments with your merchants--keeping them compliant and their customers safe.
1. Installation
We often view installation as the final step in the sales process, but you can make it much more than that.
Many merchant service providers will use it as a convenient time to ask for referrals. Others use the occasion to train the business’s personnel on how to operate the terminal. Some try to sell additional services. While all of these are great ideas, we should also use this time to discuss PCI compliance.
Remind the merchant that they must complete a PCI compliance assessment. Reiterate that the way they handle transactions is crucially important. If they have a computer-based point-of-sale system, make sure they know how important it is that they secure their network. If they’re going to be using a terminal, tell them they should never write down complete credit card numbers or keep receipts where someone could see or steal them.
And right before you leave, you should remind them that although they may be PCI compliant today, if they’re not cautious, a single mistake could make them non-compliant. And that mistake would be expensive.
2. Retention
Good communication is the best way to retain your merchants. So if you don’t have a newsletter, you should start one. There are many tools out there to help you create one electronically.
And you should talk about PCI in every edition. It doesn’t have to be the main topic, but you should always bring up data security in some way, shape or form.
3. The Problem Call
Every time a merchant calls you, you have the chance to bring up PCI compliance.
Fix their problem first, of course, but then ask them how they’re doing more generally. Catch up with them for a few minutes, and see if their situation has changed or if they need something that you can help with--a new product perhaps.
Then ask them if they’ve heard anything new about data security. Talk them through any new insight you might have, then remind them of the steps they should be taking to protect their customers.
I’ve found that these are great times to bring up PCI compliance with merchants. When do you like to broach the subject?
No comments:
Post a Comment