(888) 791-9390 ext. 101 info@vipintegratedpayments.com

3 Best Practices for Maintaining PCI Compliance During COVID-19

Acumatica_Logo_FullColor_RGB (2)In order to persevere during and beyond the COVID-19 pandemic, many businesses have had to quickly change how they do business, operate from day to day, and accept payments. For merchants that only had brick-and-mortar locations, the need to accept e-commerce and over-the-phone payments securely was immediate and urgent.

The PCI Security Standards Council recently shared the best practices for merchants to maintain PCI compliance and continue to secure their customers’ payment data in this rapidly changing situation. Cybercriminals are unsurprisingly taking advantage of rapid changes to payments. The statistics are scary. According to the PCI Council:

  • 475% increase in malicious reports related to Coronavirus in March
  • 41% of small businesses that suffered a data breach paid more than $50,000 to recover
  • 29% of consumers surveyed said they would never again use a small business that suffered a data breach. https://www.pcisecuritystandards.org/

PCI Compliance Best Practice #1: The best way to protect against data breaches is not store card data at all.

One of the most common sources of stolen credit card numbers isn’t over the Internet, it’s literally in plain sight. When restaurants shifted quickly from dining in to curbside takeout, the increase in phone payments skyrocketed. Where they lacked a system to enter card details into, they wrote card numbers down on paper.

It’s too easy to make off with those credit card details which frequently include all the info needed to use the card online such as cardholder name, CVV, and expiration date. Many small merchants are offering curbside pickup now and are accepting telephone payments in lieu of former face-to-face transactions. Instead, invest in a secure system and train staff how to enter cardholder details directly into the system.

PCI Compliance Best Practice #2: A Strong Password is a Good Password

Breaches resulting from a weak password are totally preventable and is one of the leading categories of data breaches for businesses. It’s recommended that you use passwords that are strong and updated periodically. Avoid using a weak or worse, a default password, which is a favorite source of small merchant breaches.

The PCI Council defines a strong password as seven or more characters and a combination of upper and lower case letters, numbers, and symbols (like !@#$&*). A phrase that incorporates numbers and symbols can also be a strong password as long as you choose a phrase with relevant meaning to you so it’s easy to remember, like your pandemic hobby, for example (e.g. ILove2Bake!).

PCI Compliance Best Practice #3 - Rely on a Trusted PCI Expert

When reaching out to your current or prospective credit card payments provider to enable you to pivot to new payment types, make sure your service provider adheres to PCI DSS requirements. For Acumatica and Sage 100 merchants, your fastest route to PCI compliance is by utilizing an integrated payments solution.

Start Saving Today With Integrated Payment Experts

The team at VIP are experts with integrated payment technology solutions for North American merchants, differentiated by their strategic partnerships and multiple platform model. VIP provides a broad suite of end-to-end payment solutions and superior US-based customer support. They have spent more than 10 years integrating and developing relationships.

VIP’s credit card processing solutions integrate seamlessly with your Acumatica system, allowing you to accept credit card payments inside your software. The integration automatically posts payments to invoices, so there’s no need to go back into your program at the end of the day to reconcile your invoices or balance your general ledger. How much time could that save you every day?

Contact the experts at VIP Integrated Payments today to start saving time and money with Level 3, Acumatica integrated credit card payments. You can reach VIP by phone at (888) 791-9390 ext. 101, or email them at info@vipintegratedpayments.com.