With consumer identity theft and credit card fraud on the rise, account security is more important than ever, to consumers, merchants and card issuers alike. Research reveals an increase in the number of identity theft victims in the U.S. in recent years, as well as an increase in the concern over such theft by consumers – exceeding their concerns regarding terrorism or health-related incidents. To combat this phenomenon, governmental agencies, credit card issuers, and retailers have become invested in finding solutions to reduce the scope of the problem, and make card processing as secure as possible.
When a consumer makes a purchase, he or she places trust in the merchant to take the required precautions and employ the necessary technology to protect personal information. In 2004, the five largest credit card organizations – American Express, Discover, JCB International, MasterCard, and Visa – established the PCI Security Standards, which served to set an industry standard for credit card protection. Federal law now requires merchants to meet these standards, which focus on things like maintaining a secure data transmission network, protecting cardholder data and regular networking monitoring. PCI compliant credit card terminals a crucial part of secure card processing.
The swiping of a credit card’s magnetic strip triggers a string of events that ultimately facilitate the transfer of funds from the account of the purchaser to the account of the seller. In the course of a single transaction, there are typically four separate data transfers from one entity to another – in other words, four opportunities for an unauthorized individual to gain access to a Cardholder’s personal information.
PCI compliant credit card terminals offer customers several important considerations. First, a compliant terminal must include an adequate firewall in order to protect cardholder data and prevent “eavesdropping” by unauthorized individuals. Terminals are digitally configured to encrypt the transmission of cardholder data across public networks, providing an added measure of protection. Recent technology allows for the creation and storage of a “token” in place of the credit card number. Once a merchant receives authorization for a transaction, the terminal disposes of the card number and replaces it with a digital token number. The terminal software then tracks the tokens in order to ensure they correspond correctly with the original credit card number. At the end of the day, the merchant transmits a batch of tokens, which are digitally linked to the account information required by the bank, and final processing occurs.
By implementing the use of technologically sophisticated credit card terminals, particularly those that are compliant with PCI Security Standards, organizations can provide their customers with peace of mind in knowing that their personal and financial information will be handled securely and with utmost care.