The Payment Card Industry Data Security Standards (PCI-DSS) are a set of requirements that you must follow to protect sensitive cardholder data.
Sensitive cardholder data is information from a payment card that an issuing bank can use to authorize a transaction.… Read More “What is PCI-DSS?”
Articles tagged: pci
What is P2PE?
Point-to-Point Encryption (P2PE) protects your customer’s payment data by encrypting it at the point of entry before you send it to your processor. The data can be unencrypted using only the processor’s secure key, so even if a fraudster steals the data they can’t use it.… Read More “What is P2PE?”
Genius Smart P2PE™ Instruction Manual
If you are using the Genius Smart P2PE solution, you must install and maintain your Genius devices according to the instructions in the P2PE Instruction Manual (PIM).
If you have any questions about the Genius Smart P2PE solution, contact our Genius Support Team.… Read More “Genius Smart P2PE™ Instruction Manual”
What do I need to do to comply with PCI-DSS?
To comply with PCI-DSS requirements, you must do the following:
- Use equipment and systems that comply with the PCI-DSS’s requirements for processing and storing sensitive cardholder data
- Educate your employees about the best practices for working with cardholder data
- Complete an annual self-assessment questionnaire (SAQ) or an on-site audit by an external assessor each year
- Carry out software scans to discover potential flaws in your system
Best practices
You should also follow our best practices to help you secure your network, which include the following:
Do
- Use only PCI-DSS approved PIN entry devices
- Use a properly configured firewall on your network and computers
- Use strong passwords and change the default passwords on hardware and software
Don’t
- Share passwords with employees
- Use passwords more than once
- Use weak or insecure protocols for connecting to your access point
- Connect to access points you don’t trust or haven’t set up yourself
- Leave your POS devices unattended
What can I do to protect my business against hackers?
You can reduce the risk of a hacker attack on your business by doing the following:
- Installing security software and keeping it up to date
- Limiting access to your wireless network
- Keeping work and personal devices separate
- Keeping “backroom” technology away from the sales floor
- Limiting administrative access on business devices
- Ensuring your employees understand the latest payment technologies
- Regularly training your employees
Limiting access to your wireless network
Limiting access to your wireless network reduces the risk of your network being hacked.… Read More “What can I do to protect my business against hackers?”