Operations

Know How To Handle Credit Cards The Right Way

Posted on April 7, 2014 by - Also by this author

If you haven’t heard of PCI Compliance yet, you will soon. The Payment Card Industry (PCI) has formed a Data Security Standard that requires any organization that accepts, acquires, transmits, processes, or stores data containing payment card information to guard the privacy of that information.  

Before the end of the year, you will need to complete an online Self-Assessment Questionnaire (SAQ) to become certified to handle the credit card data. Failure to comply will cause you to lose the ability to take credit cards. This is a serious matter.

What You Need to Know

The PCI Data Security Standard, commonly referred to as “PCI,” includes multiple checkpoint areas including physical security management of your facility, policies on when and how you process cards, and procedures such as how the data is handled once the charge has been processed. It also includes how your computer network is set up both in-house and for any outside access allowed. If you are using reservations software that processes the credit card during the reservation process, the software itself must be secure from hackers. The last components include monitoring the status of your network for viruses and testing your system through outside hack attempts in what is known as a penetration test. Your credit card processor can provide a link to test your vulnerability.

The Whole Number

One of the basic requirements of compliance is to protect the credit card number from ever being displayed as a whole number. Only the last four or five digits should be visible after a transaction. You are NEVER allowed to handwrite a whole credit card number on any document. Likewise, no document that is printed including credit card receipts, trip tickets, confirmations or any other document may contain the whole number.

Who Sees It?

The fewer people who see the whole credit card number and have access to the full number by computer look-up, the better. The only person in your organization who needs the whole number is the person reconciling credit card transactions to bank deposits. Even in that case, the data only should be accessed in a discrepancy. This person should be the same person who handles credit card disputes to minimize the number of people with access.

Transaction Process

Firm policies should be in place on the handling of the credit card. While verification of identity to match the credit card should be a top priority, PCI Compliance is intended to protect data breaches, not identity theft. Although, stolen credit card information may result in identity theft. Once a credit card is entered into reservations software and processed, from that point on the credit card number displayed to the employee should only contain the last four or five digits and not be accessible to the employee ever again.

Data Storage

This is probably the most challenging concern for merchants. Most of us lack the computer knowledge to know if our network is completely secure or even how credit card numbers are stored on a network server. If you have the ability to create a new reservation for a client and his credit card data is automatically transferred to a new reservation, you are storing the number in your office computer. These transactions are processed through the Internet meaning your computer is connected to the Internet and vulnerable to attack.

View comments or post a comment on this story. (1 Comment)

More News

Uber Gets Silly, Creepy & Cheap

TNC Travesties Of The Week: Selfie check-ins and ghost drivers. . . and people still debate driver background checks?

Top Luxury Hotels Thrive Despite Global Travel Drop

Affluent consumers are cutting down on stays with a modest decrease in booked nights.

How Tech Platforms Are Changing Business Travel

A dizzying number of mobile icons now let executives manage their flights, hotels, rail tickets, security and expenses.

RedCoach Brings Affordable Luxury Travel To Florida

The company is the first express bus service to offer city center to city center travel, and provides travelers with first-class amenities.

How To Prepare Your Business Card For The Digital Age

LCT WebXclusive: Technology is making it easier than ever for operators to stand out — if they take the time to learn how to use it properly.

See More News

Facebook Comments ()

Comments (1)

Post a Comment

Submit

Blogs

See More

See More

See More

See More

LCT Store

LCT Magazine - September 2016 $12.95 COVER STORY: * How Do We Max Our Markets? * *



Connect

Experience the three annual industry events for networking for business, showcasing vehicles and products, and getting the tools for success.

Read About Your Region

What’s Happening Near You?
Click on any state to see the latest industry news and events in that region.

More From The World's Largest Fleet Publisher

Automotive Fleet

The Car and truck fleet and leasing management magazine

Business Fleet

managing 10-50 company vehicles

Fleet Financials

Executive vehicle management

Government Fleet

managing public sector vehicles & equipment

TruckingInfo.com

THE COMMERCIAL TRUCK INDUSTRY’S MOST IN-DEPTH INFORMATION SOURCE

Work Truck Magazine

The number 1 resource for vocational truck fleets

Metro Magazine

Serving the bus and passenger rail industries for more than a century

Schoolbus Fleet

Serving school transportation professionals in the U.S. and Canada

Please sign in or register to .    Close