Operations

Know How To Handle Credit Cards The Right Way

Posted on April 7, 2014 by - Also by this author

If you haven’t heard of PCI Compliance yet, you will soon. The Payment Card Industry (PCI) has formed a Data Security Standard that requires any organization that accepts, acquires, transmits, processes, or stores data containing payment card information to guard the privacy of that information.  

Before the end of the year, you will need to complete an online Self-Assessment Questionnaire (SAQ) to become certified to handle the credit card data. Failure to comply will cause you to lose the ability to take credit cards. This is a serious matter.

What You Need to Know

The PCI Data Security Standard, commonly referred to as “PCI,” includes multiple checkpoint areas including physical security management of your facility, policies on when and how you process cards, and procedures such as how the data is handled once the charge has been processed. It also includes how your computer network is set up both in-house and for any outside access allowed. If you are using reservations software that processes the credit card during the reservation process, the software itself must be secure from hackers. The last components include monitoring the status of your network for viruses and testing your system through outside hack attempts in what is known as a penetration test. Your credit card processor can provide a link to test your vulnerability.

The Whole Number

One of the basic requirements of compliance is to protect the credit card number from ever being displayed as a whole number. Only the last four or five digits should be visible after a transaction. You are NEVER allowed to handwrite a whole credit card number on any document. Likewise, no document that is printed including credit card receipts, trip tickets, confirmations or any other document may contain the whole number.

Who Sees It?

The fewer people who see the whole credit card number and have access to the full number by computer look-up, the better. The only person in your organization who needs the whole number is the person reconciling credit card transactions to bank deposits. Even in that case, the data only should be accessed in a discrepancy. This person should be the same person who handles credit card disputes to minimize the number of people with access.

Transaction Process

Firm policies should be in place on the handling of the credit card. While verification of identity to match the credit card should be a top priority, PCI Compliance is intended to protect data breaches, not identity theft. Although, stolen credit card information may result in identity theft. Once a credit card is entered into reservations software and processed, from that point on the credit card number displayed to the employee should only contain the last four or five digits and not be accessible to the employee ever again.

Data Storage

This is probably the most challenging concern for merchants. Most of us lack the computer knowledge to know if our network is completely secure or even how credit card numbers are stored on a network server. If you have the ability to create a new reservation for a client and his credit card data is automatically transferred to a new reservation, you are storing the number in your office computer. These transactions are processed through the Internet meaning your computer is connected to the Internet and vulnerable to attack.

View comments or post a comment on this story. (1 Comment)

More News

Company Accused Of Ditching Couples At The Altar

One client says once the deposits were collected, the Cleveland-based business stopped responding to their calls and emails.

Uber Drivers Complain About The Silliest Things

TNC Travesties Of The Week: Some independent contractors just don't have what it takes to be chauffeurs.

Limo Caddy Can Upgrade A Back Seat To First Class

LCT WEB-X-CLUSIVE: Going the extra mile for customers is made easy with PLATROS’ patent-pending seatback pocket device.

Why You Need A Social Customer Service Strategy

Whether you like it or not, people are talking about your business on social media.

Treat Your Employees Right For Maximum ROI

There’s no better way to show your appreciation than giving them what they need to do their job. 

See More News

Facebook Comments ()

Comments (1)

Post a Comment

Submit

Blogs

See More

See More

See More

See More

LCT Store

LCT Magazine - December 2016 $12.95 GLOBAL/INTERNATIONAL ISSUE COVER STORY: * The Coolest Operators on the Planet * *



Connect

Experience the three annual industry events for networking for business, showcasing vehicles and products, and getting the tools for success.

Read About Your Region

What’s Happening Near You?
Click on any state to see the latest industry news and events in that region.

More From The World's Largest Fleet Publisher

Automotive Fleet

The Car and truck fleet and leasing management magazine

Business Fleet

managing 10-50 company vehicles

Fleet Financials

Executive vehicle management

Government Fleet

managing public sector vehicles & equipment

TruckingInfo.com

THE COMMERCIAL TRUCK INDUSTRY’S MOST IN-DEPTH INFORMATION SOURCE

Work Truck Magazine

The number 1 resource for vocational truck fleets

Metro Magazine

Serving the bus and passenger rail industries for more than a century

Schoolbus Fleet

Serving school transportation professionals in the U.S. and Canada

Please sign in or register to .    Close