Privacy, Security, and Compliance

Back to Getting Started
Privacy, Security, and Compliance
Industry Terminology and Running Transactions
Statements, Fees, and Funding

What is 3-D Secure?

3-D Secure is a fraud prevention tool that provides additional security for online transactions. Issuing banks use 3-D Secure to help verify the cardholder’s identity during a transaction.

Note: Using 3-D Secure shifts the liability for chargebacks to the cardholder or issuing bank.

How can I help keep sensitive cardholder data secure?

To help keep sensitive cardholder data secure, we recommend that you do the following:

Keep your software and applications up to date

Make sure you have the latest updates for any software or applications on your computer or POS system. For example, you need to keep the following up to date:

Antivirus software
Operating system
POS applications

Restrict access to sensitive cardholder data

You can restrict access to sensitive cardholder data and by doing the following:

Keep back-office equipment away from the front of your store.

What do I need to do to comply with PCI-DSS?

To comply with PCI-DSS requirements, you must do the following:

Use equipment and systems that comply with the PCI-DSS’s requirements for processing and storing sensitive cardholder data
Educate your employees about the best practices for working with cardholder data
Complete an annual self-assessment questionnaire (SAQ) or an on-site audit by an external assessor each year
Carry out software scans to discover potential flaws in your system

Best practices

You should also follow our best practices to help you secure your network, which include the following:

Do

Use only PCI-DSS approved PIN entry devices
Use a properly configured firewall on your network and computers
Use strong passwords and change the default passwords on hardware and software

Don’t

Share passwords with employees
Use passwords more than once
Use weak or insecure protocols for connecting to your access point
Connect to access points you don’t trust or haven’t set up yourself
Leave your POS devices unattended

What can I do to protect my business against hackers?

You can reduce the risk of a hacker attack on your business by doing the following:

Installing security software and keeping it up to date
Limiting access to your wireless network
Keeping work and personal devices separate
Keeping “backroom” technology away from the sales floor
Limiting administrative access on business devices
Ensuring your employees understand the latest payment technologies
Regularly training your employees

Limiting access to your wireless network

Limiting access to your wireless network reduces the risk of your network being hacked.… Read More “What can I do to protect my business against hackers?”