Data Protection and Credit Card Details

Video 7 of 32
2 min 11 sec
Want to watch this video? Sign up for the course or enter your email below to watch one free video.

Unlock This Video Now for FREE

This video is normally available to paying customers.
You may unlock this video for FREE. Enter your email address for instant access AND to receive ongoing updates and special discounts related to this topic.

Secure Handling of Credit and Debit Card Payments: A Guide

Handling credit and debit card payments is a critical task that demands a keen understanding of your company's policies and procedures related to card data security. Adhering to card scheme rules and ensuring the secure storage and processing of card data is paramount. Furthermore, any information obtained from the cardholder should strictly be used for the related transaction only.

Why Writing Credit Card Information on Paper is a No-go

Recording credit card information in diaries, notepads, or loose pieces of paper for later processing poses significant security risks. This is not considered secure data handling and should be avoided at all costs.

Key Requirements for Secure Credit Card Payment Handling

  • Install and maintain firewalls: Firewalls are essential for protecting customers' data.
  • Use robust passwords: Avoid using vendor-supplied defaults for system passwords. Regularly changing passwords enhances security.
  • Protect stored cardholder data: Implement measures to ensure the secure storage of cardholder data.
  • Update antivirus software regularly: Keeping your antivirus software and other programs up-to-date is critical for data security.
  • Regularly maintain systems and applications: This can help protect against potential security breaches.
  • Restrict access: Limit access to customers' card data strictly on a need-to-know basis. Every user should have a unique ID, and access to network resources and credit card data should be meticulously tracked.
  • Regularly check security systems and processes: Regular checks can help identify and rectify potential weaknesses in your security setup.

Consequences of Inadequate Card Data Security

Leaving customer card data vulnerable to fraudulent access or misuse can lead to serious consequences. These include business losses, bad publicity, decreased sales, card scheme fines, and most significantly, loss of customer trust and reputational damage. The expenses for corrective measures, potentially including forensic investigation costs, can run into tens of thousands of pounds.

Responsibilities as a Data Handler

When customers use their credit or debit cards for transactions, they trust that the organisation will securely process the payment and protect their data. As a data handler, you have a responsibility to ensure maximum security for the customer's data that you process. This commitment to security helps build customer trust and protects your business's reputation.