PCI Compliance in Customer Communications

We’ve all been there. You receive a request from a customer asking for something that is in direct conflict with PCI compliance. But this is the first time they’ve asked, it should be just a one-time thing, and you don’t want to upset the customer. So, what do you do? We don’t mean to sound like your mother, but choose compliance every time. Your customers will thank you for it.

PCI compliance standards are in place to ensure the security of cardholder data. 92%(1) of users say that they store sensitive information on personal devices, including mobile. Yet 58%(1) of users report that they worry their personal data may be stolen. The processes you put in place are critical to ensure your business is protected and you maintain a trusted relationship with your customers.

Here are four ways to let customers know you are serious about PCI compliance:

  1. Make sure that you only collect credit card information on a secure webpage (look for the lock icon and the https in the browser bar). When you collect online payments with PaySimple you can be confident that they are secure.
  2. Ensure your payment processing system is PCI compliant and keep your business certified. Customers can rest assured that you are doing everything possible to protect the credit card and other personal information they entrust to you.
  3. Always ask for the CVV security code when processing a telephone or online payment. Your payment processing method should never store this information. By asking for this code each time, you are confirming that the person authorizing the transaction has the card in hand.
  4. Tell your customers that they should never send credit card or bank account numbers via regular email. You can reinforce this by always including a security notice in the footer of your emails stating that the communication is not secure and that they should not reply with their account numbers or other sensitive personal information.

PaySimple upholds these standards and recommends that you do the same. Making PCI compliance a core part of your business process will help to make your customers more aware of issues surrounding security and ensure your business is not the cause of an unfortunate breach.

To learn more about the benefits, best practices and requirements of PCI compliance, please visit our PCI compliance FAQs.

1. http://media.kaspersky.com/en/Kaspersky_Lab_Consumer_Security_Risks_Survey_2014_ENG.pdf

Amanda Jurgens

Amanda is the Marketing Automation Manager at PaySimple responsible for email marketing strategy, development and optimization. In addition to a well-executed marketing campaign, Amanda loves outdoor activities in all of Colorado’s seasons, dog kisses and concerts.
