Security Metrics released their third study on unencrypted card data; the results were astonishing as 63% of businesses do not encrypt credit cards. This means that businesses are storing the 16-digit Primary Account Number (PAN) in the clear. 7% of businesses are storing the magnetic stripe data found on the back of the card.[1] Not only is storing unencrypted card information reckless—putting organizations and their customers at risk—it violates Payment Card Industry Data Security Standards (PCI DSS).
Encryption Is Your Friend
Data is useless if it can’t be read. Encryption protects payments in transit – from the initial swipe, or key entry, to settlement. With TrustCommerce’s integrated software solution, payment processing is not possible without the TrustCommerce key-injected point-of-sale (POS) encrypting device, helping to prevent “malware” attacks.
With encryption:
- Cardholder data does not enter merchant environment
- Merchant does not hold the keys to decrypt the data
TrustCommerce helps organizations of all sizes encrypt payment data using point-to-point encryption (P2PE) solutions. TrustCommerce supports a multitude of devices that encrypt credit card information at the point of entry—whether key entered or swiped. These devices help ensure the data never reaches merchant networks and reduces the risk of misconfigured software, improper file removal, or restored backups.
Is Encryption Expensive?
Implementing an encryption solution may seem like a daunting and expensive process to some; however, that is not always the case. Encryption is included at no additional cost with a TrustCommerce account. Merchants will need to purchase encrypting hardware devices from TrustCommerce, which currently range from approximately US$60 to $US125. More advanced, multi-purpose devices will be more expensive.
Simple Steps Can Have a Big Impact
If something is holding you back from utilizing encryption, contact a Solutions Consultant today to find out what TrustCommerce can do for your business. Using encryption in conjunction with other secure payment solutions and technologies, such as tokenization and the coming soon EMV creates the best defense against increasing threats.
Remember, data breaches can be costly and have a lingering effect on your business’s reputation; worst case scenario you are forced to close your doors for good. Is that really a risk you are willing to take?
[1]http://www.net-security.org/secworld.php?id=17135