Last week, we released Part 2 of our series on how to select the perfect payment partner for your salon or spa. In that article we went over all the fees that are often associated when joining forces with a payment processor. This week, we'll go over credit card security and answer one of the most important questions you need to ask yourself to during this selection process: how will I keep my business and customers safe?
Whether your customers are paying for a service, shopping online or simply buying a cup of coffee, they’re probably using a credit card. Credit cards are so integrated into our daily lives that we tend to forget the risks involved with using them.
Businesses like yours play a critical role in ensuring customers feel safe in using credit cards wherever they go. But even well-intentioned owners make security mistakes due to lack of awareness and insecure systems.
If your point-of-sale system is outdated, if you jot down a customer’s credit card number on a piece of paper while talking to her on the phone, or if your Wi-Fi isn’t password-protected, you could be jeopardizing your customers’ data.
Knowing the basics about credit card security means learning about two important abbreviations: PCI and EMV.
Your business is responsible for following a crucial set of regulations you may have never heard of: PCI-DSS, the Payment Card Industry Data Security Standard.
To protect consumers from security threats, credit card companies enforce these PCI standards for safely processing and storing credit cards at your business.
If customer data is compromised because your business is found to be non-compliant, the consequences can be devastating. You could be fined thousands of dollars by the credit card issuers and have to pay thousands more for new systems and an investigation into the breach. Plus, you face untold costs of losing once-loyal customers who no longer trust your business.
Keeping your business PCI-compliant involves following rules like these:
- Use PCI-compliant hardware and software. Newer point-of-sale devices and software are likely compliant, but older systems may be putting your business at risk.
- Don’t save credit card data. Never keep a credit card number on a hard drive, in an email or on a piece of paper. A compliant POS solution can encrypt data so businesses can safely keep a credit card on file.
- Create unique passwords and staff accounts. Don’t keep any default passwords, and don’t allow your team to share a single log-in. Create a company security policy and share it with your employees.
- Password-protect your wireless router. You can still offer free Wi-Fi for your customers, but require them to use a password for their protection.
- Use anti-virus software and a firewall on your computer. Most operating systems include a firewall, but make sure it’s running, and update your system if necessary.
Complying with PCI is your responsibility, but there’s a simple way to ensure your business is safe. If your credit card processor is PCI-compliant and you pair it with a management system that is PCI-compliant, you have far less complexities to worry about. Companies like Booker have Level 1 PCI compliance, the highest form of security in the industry. This means along with safe practices, you only need to worry about unique passwords for your staff and Wi-Fi. The software and point-of-sale device encrypts all credit cards you use or store, showing you only the last four digits of the card number. If you use Booker to process and store credit cards, you can trust that your systems are secure.
EMV Chip Card Technology
Ever wonder why so many businesses now use the chip on your credit card instead of swiping it?
Chip card technology, known as “EMV”, is now the global standard for credit card payments. Each time this tiny computer chip is inserted in a chip-card reader for payment, a unique code is generated—making customer data far more difficult to steal than if the card’s magnetic stripe is used since the data held there never changes.
Although businesses aren’t required to accept EMV chip cards, it is important to choose a point-of-sale system with a chip card reader. This is because, in the past, credit card issuers would compensate consumers for fraudulent charges. The reason the card issuer would take on this cost is because they had not provided their customer with a way to make the payment more secure. Almost all banks have now issued their clients cards with the added security of a chip. This means that if you, as a business owner, do not choose to use the more secure way of accepting payments, and choose to swipe cards, this liability now falls on your business. If you are using a device with a chip card reader, like the Clover Mini, the payment is as secure as you can make it and therefore you would not be liable.
It may seem unlikely that your business would be the target of purposely illegitimate transactions, but the reality is, no business is exempt from the risk and chip cards can help protect you and your business against chargeback penalties.
Be sure to check back in next Wednesday to read our final installment in our payment partner series. We'll uncover how integrating a payment partner with your salon or spa can simplify your day-to-day.
Looking to binge-read this entire series? Just click the links below!
About the Author