Tag Archives: PCI compliance

ABT_Buzzwords

Cheat Sheet: A Quick Reference Guide to Payment Processing Buzzwords

Payment security is at an all time low and as a result, the payment industry is in process of getting a much-needed overhaul. With this rapid implementation of new rules, processes and technology, there are a lot of payment processing buzzwords that have recently entered into the industry vernacular.

As a business owner, you’re busy with your day-to-day operations, so keeping up on the latest payment processing news and trends is probably not at the top of your priority list. However, as these changes could eventually impact your business, it’s never been more important for you to be in the know.

To help you stay updated, we’ve compiled the following glossary of industry buzzwords for your quick reference.

EMV / Chip-and-Pin

EMV is the future of credit card processing, although it’s not exactly so futuristic anymore. If you’re not already aware of the EMV payment revolution happening in the United States, you can read up on the basics here. In a nutshell, over the course of the next few months, banks will begin to roll out new credit cards in an effort to phase out insecure magnetic stripe technology. These cards will be embedded with microprocessor chips that will allow for more secure transactions. But the benefits of these “EMV” or “chip-and-pin” cards won’t come to fruition unless business owners take action now and update their payment terminals.

PCI Compliance

PCI compliance is a term often shrouded in myths and misconceptions, but it isn’t all that confusing once you break it down. PCI is a set of 12 requirements that all merchants, no matter the size or industry, must meet to ensure a secure environment for credit card transactions. If you’re not sure what’s required of your business in order to establish compliance, you’ll want to check in with your merchant services provider or visit the Security Standards Council website.

ABT_Buzzwords_NFCNFC

Near field communication (NFC) is the technology that enables wireless data transfers between two devices in close proximity, without the need for an internet connection. Think of it like modern-day Bluetooth. Today’s smartphones are embedded with NFC technology to allow for consumers to make payments directly from their phones by simply tapping or waving their devices over an NFC terminal.

Apple Pay

Apple Pay is a mobile application that is sweeping the nation. Essentially, the application allows consumers to transform their phones into mobile wallets by syncing credit card information from their iTunes accounts. Consumers can simply wave or tap their phones over an NFC terminal (currently available at numerous retailers across the globe) to make a purchase.

ABT_Buzzwords_TOKENTokenization

When a credit card is swiped through a terminal set up for tokenization, the card’s Primary Account Number (PAN) is automatically substituted with a randomly generated sequence, called a token. Merchants can use this token to handle refunds, returns and manage other transaction details. The benefit? Tokenization takes sensitive payment card data out of the picture for merchants, eliminating the need to store the data on their networks and the risk of a data breach.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABT_PCI-Compliance

Four Common Misconceptions About PCI Compliance

The cost of not maintaining PCI DDS compliance can be huge, especially when it comes to data breaches and fraud. Unfortunately, many merchants don’t fully understand everything involved with PCI compliance, so card security breaches will continue to occur.

According to a survey conducted by Proficio, 23% of respondents did not even know if their businesses met the most recent set of standards, PCI DDS 3.0, which was released at the beginning of this year.

It’s important for every merchant to understand what PCI DDS means, so that they can take the necessary steps toward ensuring payment security. While it’s not a foolproof solution, it can significantly help to deter data breaches and potential fraud.

ABT_PCI-Compliance_3Deciphering the Alphabet Soup (PCI DDS)

The Payment Card Industry Data Security Standard (PCI DDS, called PCI for short) is a set of 12 requirements that merchants must meet to ensure a secure environment for credit card transactions. The requirements were put in place by the Security Standards Council, comprised of the five major credit card companies: American Express, Discover, JCB, MasterCard and Visa.

PCI Myths Busted!

There are many misconceptions surrounding PCI. Here, we reveal four of the major myths and the reality behind each of them.

Myth #1 – I own a small business; only large companies and e-commerce websites need to be PCI compliant.

False! Every organization or merchant that accepts credit card transactions must be compliant. The size of the company doesn’t matter, nor does the number of credit card transactions. There are, however, different levels that businesses can fall into, as defined by the major credit card brands. Businesses must determine which level they fall into for each brand and complete the correlated compliance verification requirements.

ABT_PCI-Compliance_1Myth #2 – Once my business is PCI compliant, I never have to worry about it again.

Many merchants don’t realize that compliance is an ongoing process, not a one-time deal. As a business owner, you (or your merchant services provider) will need to be in continuous communication with your acquiring bank and the card brands with which you do business. This will ensure that any payment security vulnerabilities are identified and fixed in a timely fashion to maintain PCI compliance.

Myth #3 – My outsourced credit card processing company automatically takes care of all PCI issues.

Using a third-party processor can help to improve payment security and reduce risk exposure, but it is not a guarantee that your business is PCI compliant. As a business owner, you need to take responsibility to ensure that your payment processing system is up to PCI standards. Ask questions and be proactive—if they can’t answer or don’t know, it may be time reconsider your merchant services provider.

ABT_PCI-Compliance_2Myth #4 – Nothing bad will happen if my business isn’t PCI compliant.

If a business fails to maintain PCI compliance, payment brands, such as Visa and American Express, have the right to fine acquiring banks anywhere from $5,000 to $100,000 per month. These fees eventually trickle down to the merchant who violated the compliance. On top of that, the bank will very likely increase transaction fees or terminate the relationship with the merchant. It’s important for merchants to understand that the costs associated with PCI violations can be destructive to businesses of all sizes.

Business Owners: Take Action Now!

Not sure if your business is PCI compliant? The experts at Abtek are experienced at guiding business owners, just like you, through the complex validation process. Contact us today to find out how we help you ensure that your business’s payment processes are secure.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABT_Sustainability

Go Green! 5 Ways to Make Your Payment Processing Methods More Sustainable

On Wednesday, April 22, more than 192 countries across the globe will celebrate the 45th annual Earth Day, an event that promotes awareness and support of environmental protection.

As a business owner, you may have already taken steps to make your business more environmentally-friendly, like installing CFL or LED light bulbs, or setting up a recycling program, but did you know that your business could go even greener by extending sustainability to your payment processing?

In conjunction with Earth Day, we’ve got five helpful tips for how your business can make your payment processing methods more eco-friendly.

1. Switch to Digital Receipts

In the near future, printed receipts will be a thing of the past. In 2012, 35 percent of retailers offered digital receipts, and that percentage is expected to continue to grow with the advancement of digital and mobile payment solutions. Not only do paperless receipts help the environment, but they also save your business money and provide convenience for customers.

ABT_Sustainability_TILES_12. Protect Your Customers’ Data, Protect the Environment

Did you know that when your employees write down customers’ credit card numbers, you could be putting their data at risk? According to one study, out of the top 100 chain restaurants, 80% have at least one employee who writes down credit card numbers. Not only does this practice violate PCI guidelines and increase the chances of a data breach, but it’s also a waste of paper. Instead, employees should enter the data directly into your secure payment processing system. If you do end up with paper documents containing sensitive credit card information, be sure to shred and recycle them as soon as possible.

3. Integrate Tablets Into Your Business

By implementing cloud-based Tablet Solutions into your business, you can manage your business from anywhere, potentially minimizing extra trips to the office and reducing your gas usage. Additionally, with Tablet Solutions, you can avoid printing spreadsheets of financial summaries or inventory manifests.

ABT_Sustainability_TILES_24. If You Have to Print, Do it Smartly

Simply put, don’t print things that don’t need to be printed! According to Preton, the average employee prints six unnecessary pages per day. When you do need to print, however, use paper that has maximum recycled content to help reduce your business’s carbon footprint. If your printer has the capability to print double-sided, do so and instead of throwing away paper that’s been printed on one side, use it for scrap paper or for printing drafts.

5. Recycle responsibly

When your outdated processing equipment and terminals kick the bucket, don’t just throw them away—donate or sell them to an electronic recycling facility. These terminals contain data that can be breached if they’re not disposed of properly. Also, electronic equipment often contains materials that can become toxic when dumped in a landfill. These recycling facilities salvage the parts they can for resale and properly disassemble the others for safe disposal.

Implementing more environmentally sustainable practices in your business doesn’t have to happen all at once. Start by making small changes, and get your employees involved! A big part of making your business more eco-friendly has to do with creating a culture of sustainability, and sticking with it. And there’s no better time to start than Earth Day 2015!


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTK-SM-Blog-paymentprocesses-hero

Could Your Payment Processing Methods Be Endangering Your Customers?

Adopting good business finance habits ensures an establishment’s security and longevity. When credit card processing is treated with acute attention, point-of-sale transactions are quick and simple.

However, many businesses engage in a slew of less-than-safe practices, capable of undermining the entire establishment’s security.

Both negligence and bad bookkeeping can severely harm a business—and poor payment processing can compromise its customers.

ABTK-small-blog-image-paymentprocessing-01Insecure Data Storage

Merchant services requires consistency and protective storage methods. Unfortunately, when PCI compliance isn’t regularly practiced, digital payments may reduce an organization’s security.

An Oswap.org business data breach analysis has figured in the many threats posed against companies utilizing point-of-sale technology. Store-based devices aren’t entirely safe from malware, malicious users or false authentication. Similarly, the following habits can severely compromise a customer’s security at, and after, the register:

  • Writing down credit information by hand
  • Using insecure mobile applications for promotions
  • Improper maintenance of addresses, social security numbers and credit card data
  • Easily accessible information systems

ABTK-small-blog-image-paymentprocessing-02The Importance of Employee Training

Delegating business tasks effectively ensures a resource-savvy business. However, employee training benefits the customer’s security directly.

Task distribution promotes business connectivity, and a well-connected business may further assist its customers. When employees aren’t trained effectively, however, their customer attentiveness may dwindle. Similarly, they may forget or fail to execute vital actions needed for customer safety.

Anyone operating a business register or information database should be capable of utilizing supreme precaution. A negligent employee may not mean to compromise a customer’s information—but poorly trained job skills can absolutely exploit important information.

ABTK-small-blog-image-paymentprocessing-03Credit Card Security

Forgers often utilize fraudulent credit cards and their potential danger should be understood. This primarily affects the business, rather than the consumer. However, anything capable of targeting a business’s secure data infrastructure should be considered a vital security risk to everyone involved.

When examining credit cards for purchases, merchants must remember to check the following:

  • Valid expiration dates
  • First four account numbers above the card’s first four numbers
  • Three-dimensional security hologram
  • Matching signatures

Fraudulent credit cards can affect a business when high-tech sales processing machinery is forgone, which is why maintaining comprehensive point-of-sale processing is incredibly important.

Remember: The consumer is relatively unprotected during most transactions. While a business actively maintains systems to ensure their own privacy and sustainability, consumers may be exposed. Proper routines, effective employee training and a watchful eye during transactions will not only protect the consumer’s information—it’ll breed a business atmosphere deserving of trust and success.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
merchant protection

Merchant Services Companies Can Protect Merchants and Consumers from Identity Theft

Before consumers will take any risks on making purchases with a merchant service, they need assurances that their privacy is intact, their financial information is secure during credit card processing and that they are being protected from the invasive efforts of identity thieves through merchant service compliance initiatives.

Leading providers of merchant services offer credit card processing and POS systems management to most level 4 merchants such as debit card and credit cards from Visa, MasterCard and others.

Merchants understand, for the most part, that PCI compliance is not just a requirement, but a business responsibility for covering their consumers. Small business merchants believe that complying with PCI standards improves their business security. In fact since 2012, businesses that have stepped up their security PCI compliance have seen up to 50% growth in customer based sales, and even more recently.

ABTK-small-blog-image-03Identity Theft Can Happen to Companies and Individuals

Business identity theft protection is as vital to thriving businesses as it is to consumers. When hackers compromise the security of business merchant records, they can get a hold of personal financial records of thousands of customers. With the continuing global growth of ecommerce trade, new innovative controls have been developed over the years to keep ahead of business hacker’s efforts.

ABTK-small-blog-image-02Digital Solutions to Credit Card and Identity Theft Threats

Consumers are readily adopting the concept of mobile commerce technologies. Many find it easier to trust mega-corporations to secure customer online payments using business intelligence security using their smartphones and other digital devices than to trust the security of small businesses in brick and mortar shops.

One way financial institutions are protecting consumer security from identity thieves is by using geo-location within their payment and purchasing eco-systems. In fact, mega corporations like Google, Apple, PayPal and Square are investing big time in new geo-based technology. Processes for secure transactions using smartphone apps will soon become recognized as the safer and more secure transaction method, our digital wallets, over physical credit and debit cards.

Retailers have the capacity to provide security in a seamless, secure market with direct service transactions for their customers who elect to use mobile payment technologies. The built in securities in smartphones and payment apps will deter identity theft and wall out hackers, making mobile merchant accounts and their ecommerce companies highly regarded by consumers for their digital protective powers.

ABTK-small-blog-image-01Efficiency in Chargeback Procedures and Compliance

An integrated online payment duty of merchant service accounts is to guarantee coverage for following through with customer chargebacks. The financial service industry is more versatile in administering certain guidelines and maintaining reserve funds for chargebacks for dissatisfied credit card holders. There have been many instances with banks denying valid claims because of their restricting regulations.

ABTK-small-blog-image-04Pro-Active Protection Methods Used by Merchant Services Companies

Many merchant service companies provide their customers with software that can notify them if fraudulent activities are suspected on their accounts. Some banks will put a temporary hold on credit card activities until the customer makes a call to confirm unusual charges, before anything really serious can happen. If too many password attempts hit a merchant website page, their merchant account will be temporarily blocked until they call in to change the password.

Some merchant services websites outline the steps to take if a suspected fraudulent incident happens to a merchant account; these steps are designed to stop identity thieves in their tracks. Some financial services act as interceders between the seller and purchaser so they never have a printout or stamp of your account, and the information they receive on any transaction is limited. This can be as effective as using encoded passwords and account numbers.

Internet specialists, programmers and software designers are working around the clock to stay ahead with innovative features for safety in the online financial and marketing industry. Many trusted avenues for transferring money are being tasked to ensure that clients have a safe mode of completing business and sales without the danger of identity theft. Users who are observant, make good decisions and follow protection warnings when online can safely avoid identity theft.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS