Tuesday, May 28, 2013

Three Things You Need To Know About PCI Requirements


Although “PCI requirements” and “PCI compliance fees” aren’t quite the buzzwords that they were a few years ago, PCI is still vitally important to your business, your clients and their customers.

Here are three things you need to know to keep your merchants compliant and their customers safe.

1. Breach Insurance Isn’t Enough
Most merchants understand that it’s important to keep their cardholders’ data safe and sound. 

But I have found that many still believe that, because they have breach insurance, they don’t have to worry. And so when I ask them what concrete measures they’ve implemented to protect their customers, they give me a blank stare.

Don’t get me wrong: breach insurance is great. But it’s no substitute for taking the necessary steps to fulfill PCI requirements and keep cardholders safe.

That’s why, as merchant service providers, we must constantly emphasize the PCI process.

2. Never Let Them Forget PCI
To ensure that merchants are protecting their customers’ data, you have to emphasize PCI throughout the merchant lifecycle.

I like to bring up PCI on the following occasions:
  • Installation
At installation, many providers ask their customers for referrals, or they teach the business owner and staff how to operate the terminal. But installation is also a great time to talk PCI. Remind the merchant that they need to complete a PCI compliance assessment. Reiterate how important it is to secure their network. And be transparent about any PCI compliance fees that they’ll have to pay.
  • Retention
Communication is the best way to retain your merchants, so if you don’t have a newsletter, you should put one together today. And in every newsletter, you should touch on PCI. It doesn’t have to be the main article, but a short blurb in every issue will help keep PCI top of mind. 
  • Problem Calls
Every time a merchant contacts you, you have the opportunity to mention PCI. Of course, you should answer their question or solve their problem first. But then ask them how they’re doing. Have they heard anything new about data security? 

3. Compliant Today, Breached Tomorrow
Perhaps the most important thing to communicate to your merchants is the need for constant vigilance.

You could be doing everything right. You could have completed all your compliance assessments. You could have secured your network.

And then, one day, you make a single mistake, and your customers’ accounts are compromised. You will no longer be compliant. And that mistake will cost you.

What do you think are the most important things to know about PCI?
