How You Can Leverage PCI DSS Compliance

May 16, 2012. Filed under: Credit

A couple of years ago, you couldn’t discuss financial security without the buzzword “PCI” making its way into conversation. Because data security was a hot topic for everyone to discuss and address, some companies even began adding fees and the infamous “Breach Insurance.”

After the Durbin Amendment, IRS and regulatory requirements, and new card association fees were implemented last year, this financial security discussion began to change. There were fewer conversations about PCI compliance assessments, even though it was, and still is, an important topic. As more and more regulatory issues sprang up, they came to dominate the discussion. PCI DSS compliance all but disappeared, until the recent Global breach.

Although this isn’t a discussion about the Global breach, it’s important to note that this recent breach of a top five merchant services provider should be a wake-up call for everyone in the business to bring the attention back to PCI DSS compliance programs.

Most merchants understand the importance of data security for their customers. However, many believe that because they’ve invested in breach insurance, there is no need to worry. When asked what steps they are taking toward protecting customers, like completing a PCI compliance assessment, many haven’t yet considered this phase.

Finding a service provider that offers an easily understandable assessment and compliance program may be the key to becoming, and staying, PCI compliant. To ensure merchants don’t slip into non-compliance even after a successful questionnaire, here are three opportunities to help security stay at the forefront of merchants’ minds.

1. The Problem Call
Each time you’re contacted by a merchant with a question or concern, you’re presented with another opportunity to educate them about security and/or remind them of the importance of their PCI compliance assessment. Of course, be sure to address the reason they called first and foremost, but then attempt to discuss the larger issue of security.

Use this time to catch up with them and discuss any other products, but then direct the conversation to security. Find out if they’ve heard any recent news about data security and engage with them by letting them know the things they should be doing.

2. The Installation Conversation
Although we tend to think of installation as the final phase and last step before we send them on their way, we forget that this is an important time to have a conversation. Typically, many ask for referrals at this time. However, while trying to sell last-minute added services, it’s also a great time to bring up the subject of data security.

3. Retention
Communication is considered the best retention tool. If you haven’t yet implemented some kind of newsletter or follow-up tool, there are services that can help you reach customers electronically. With a newsletter, PCI DSS compliance can become a consistent topic, maybe not as the lead-in of every email, but as a quick reminder each month.

Jeff Fortney is Vice President of ISO Channel Management at Clearent™. His financial services career stretches back over 35 years, with the last 17 focused on the debit and credit card processing industry. At Clearent, we approach the PCI DSS compliance process as an area for information, education and diligence. Find out more about our PCI compliance assessments that are easily understandable for merchants and tailored to their specific type of business.
