Remember when it was pay day and you would take your paycheck to the bank and then wait in line to deposit it into your account? What about when you would withdraw cash so you could make purchases like groceries and other household items? Fast forward to today… payment processing has come such a long way that we barely see any paper at all anymore. When you get paid from your work, chances are the money gets deposited directly into your bank account. And if you do receive an old-fashioned cheque, you can take a photo of it and make the deposit via a mobile app rather than physically taking it to the bank. Furthermore, when you go out shopping, you likely use your credit or debit card to pay. Very rarely do people carry cash any more in Canada.
Technology has thrust payment processing forward in so many ways. Consumers can now shop from their smartphones from anywhere, while merchants can accept payments on their smartphones from anywhere too. Merchants have had to adapt to accept various methods of payment as consumers crave the convenience of being able to pay by any means they have available at that moment. Consumers have also had to adapt and update their own payment means, as many of the products or services are offered exclusively online, so cash is not even an option for payment anymore in many cases.
With the constant upsurge of new technology in payment processing, there are various opinions on the inherent safety of new payment technology. Some might say there is more risk exposure to losing personal data (identity theft), while others might point out that new technology is safer and more accurate, providing a trail to all transactions thus making theft and fraud less common. Either way, a set of safety standards and measures needed to be established in order to protect consumers’ sensitive data.
On September 7, 2006, the Payment Card Industry Security Standards Council (PCI SSC) was launched to manage the ongoing evolution of the Payment Card Industry (PCI) security standards, with a focus on improving payment account security throughout the transaction process. An independent body was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB) to manage and administer the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a set of security standards designed to ensure that all businesses that accept, process, store or transmit credit card information maintain a secure environment.
How Does PCI DSS Work?
PCI compliance in Canada ensures that merchant accounts are protected and regulated by law so business owners can have peace of mind when they entrust their business with their payment processing service provider. The PCI DSS framework applies to any organization that accepts, transmits or stores any cardholder data, regardless of size or number of transactions. All merchants fall into one of the four merchant levels based on Visa transaction volume over a 12-month period. Transaction volume is based on the aggregate number of Visa transactions.
Merchant levels as defined by Visa:
|1||Any merchant processing over 6 million Visa transactions per year.|
|2||Any merchant processing 1 million to 6 million Visa transactions per year.|
|3||Any merchant processing 20,000 to 1 million Visa e-commerce transactions per year.|
|4||Any merchant processing fewer than 20,000 Visa e-commerce transactions per year, and all other merchants processing up to 1 million Visa transactions per year.|
Protect Your Business: Become PCI Compliant
Sometimes running a secure business isn’t cheap! In fact, it can be costly to maintain a fully compliant system. However, the benefits you gain by ensuring that your business meets all PCI DSS compliance standards could very well be priceless, therefore it’s a worthwhile investment.
No matter the size of your business, if you accept, transmit or store cardholder data, you must comply with PCI requirements. Although PCI compliance may seem like just another costly hassle, maintaining full PCI compliance is a necessary measure you should comply with to protect yourself and your customers from the immense price that a data breach may have. By making your data more secure by adhering to PCI compliance guidelines, you’re protecting your business in several ways, ultimately saving yourself time and money – two very valuable assets. MONEXgroup makes PCI compliance simple for our merchants by adhering to the latest PCI standards and offering a turnkey solution that is certified secure.
General Tips for Merchants Wishing to Practice PCI Compliance
Below are some tips for merchants wishing to practice PCI Compliance:
Build and Maintain a Secure Network
- Install and maintain a firewall configuration to protect cardholder data
- Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Protect stored cardholder data
- Encrypt transmission of cardholder data across open public networks
Maintain a Vulnerability Management Program
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Restrict access to cardholder data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
Regularly Monitor and Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
Maintain an Information Security Policy
- Maintain a policy that addresses information security
MONEXgroup Facilitates PCI Compliance for Your Business
MONEXgroup provides merchant processor solutions with the latest PCI compliant technology that will equip businesses and their clients with the confidence that their transactions are secure. MONEXgroup has partnered with the leading PCI Compliance providers in Canada and maintains the highest standards in the industry.
MONEXgroup offers the latest SHA-2 standard POS terminals with 256 bit SSL encryption. Our Contactless plus Chip and Pin technologies verify the signature and eliminate the customers’ responsibility for Authentication. MONEXgroup strictly adheres to the regulations of PCI Compliance in Canada as all of our POS solutions include measures such as CVV2/CVC2, Duplicate card Checking, Last Four-Digit Entry and Password Protection of Key Functions. MONEXgroup also employs Account Security Verification (AVS); which verifies the cardholder’s billing address with the card issuer. Card Security Verification occurs by looking at the credit card’s security value (non-embossed 3-4 digits code) and checks it against the issuer’s value on file.
MONEXgroup is also the first and only payment processor in Canada to offer PCI compliant Contactless Only payment terminals in Unattended environments, supporting Tap Only payments by Visa payWave, MasterCard Tap & Go, Interac Flash, Apple Pay and Android Pay. This solution can be found at tire inflators and car vacuums at gas stations across Canada, in addition to our groundbreaking Tap & Wash solution designed for Carwashes, plus Tap To Donate for charitable organizations.
For businesses providing on-site services, the Clover Virtual Terminal, is very attractive. It offers a quick and easy way to accept credit or debit card payments and can be used with smartphones or tablets via a Bluetooth connection. PCI has published security guidelines for securing mobile payment solutions used with smartphones or tablets.
When partnering with the number one payment processor in Canada; MONEXgroup will increase your efficiency and quality of service and lower the related costs. Request a Cost Comparison Analysis today.