The chances are that, as a small business, you have the ability to take credit card payments from customers. Despite the growth of third-party payment services such as PayPal, many merchants still prefer to be in charge of their own card payments rather than rely on a third party who, of course, will take a charge against each transaction.
In an effort to combat credit card fraud, especially cardholder-not-present fraud, merchant rules and regulations have been tightened up. This tightening also applies to the storage of credit card numbers on computers: if you store such numbers electronically, you are now subject to the Payment Card Industry Data Security Standard, often referred to as PCI-DSS or simply PCI.
The payment card issuers have taken PCI and incorporated it into their own rules that merchants are subject to; for example, Visa has the Cardholder Information Security Program (CISP) and MasterCard has the Site Data Protection (SDP) program. Different levels of compliance apply depending on the volume of transactions carried out by an individual merchant.
The good news is that if you have been following the IT security recommendations in the Business IT Guide, then your systems should be very close to the compliance requirements of your card issuer. If your IT systems are not compliant, then expect a possible visit from your service provider, a fine, and/or termination of your card processing contract.
Card fraud is a problem for us all and we all have a responsibility to reduce it, so act now before it is too late.
These BITG guides may help you further:
Creating IT Security Policies
Protecting Important Data
Securing Computer Data
These external sites may also be useful:
PCI Compliance
PCI Standards
Visa
MasterCard
Streamline
What next?
For further IT security information, visit www.ecrimewales.com for a guide to e-Crime prevention and detection.
