Security and risk professionals are continuously hit with the tsunami of new vulnerabilities, and there aren’t any signs of breach activity slowing down. According to the Verizon 2015 Data Breach Investigations Report, nearly 43 million security incidents occurred in 2014. And it’s no surprise that the vast majority of these breaches occurred against small to mid-sized companies.
A variety of tools are available to boost your point of sale credit card security. Consider the following steps:
- Upgrade credit card POS swipers to accept EMV chip cards.
- Upgrade all point of entry hardware to use point-to-point (P2P) encryption.
- Consider tokenization technology to encrypt credit card information.
- Consider partnering with a processer that offers bundled PCI compliance assistance programs, such as Vantiv's OmniShield Assure, to safely accept payments and dramatically reduce your fraud liability.
A smart card is a smart choice
The dramatic increase in counterfeit card fraud was what originally motivated the global payments industry to move to chip technology (smart cards). Contrary to magnetic stripe cards, EMV chip cards are designed to store sensitive data (such as PINs or keys) securely, and have the ability to manage risk and perform cryptographic computations dynamically. One of the key elements of EMV is the ability to authenticate a card to be sure that it is not a clone or counterfeit of the original card. As a result, any data that is stolen is significantly devalued and cannot be used to create counterfeit magnetic stripe cards.
Vantiv offers a set of integration methods and services that help developers extend their payment application to support EMV chip card acceptance. Developers can choose the integration approach that best fits their requirements based on the type of business, target markets, security requirements, and preferred form factor (Cloud, PC or mobile).
Stop theft at the door
In a P2P encryption solution, the cardholder data is encrypted at the point of entry and decrypted only at the intended recipient end. Vantiv’s P2P encryption solution helps protect data in transit by encrypting and transmitting cardholder data securely over any network. By leveraging Vantiv’s PCI-validated P2PE solution and our PCI PTS SRED certified hardware, payment applications are removed from PA-DSS compliance and merchants can qualify for reduced PCI-DSS scope
Although P2PE isn't the only tool that helps protect sensitive payment data from theft, many experts rank it highly. When polled about security strategies, financial executives believe P2PE will have the highest impact on data security and reducing fraud.
Rest easy knowing card data is safe
The use of tokenization in payments is to remove account data from the merchant’s card data environment and replace it with something that is useless outside of the environment in which the token was created. Tokenization can reduce the scope of your systems that fall under PCI DSS compliance requirements, thereby reducing the costs and man hours associated with the validation process. With Vantiv’s tokenization solution, customers can confidently focus on growing their business, while knowing that sensitive cardholder data is protected.
Shield your merchants from the elements
When developers bundle their POS application with Vantiv’s EMV acceptance, P2P encryption and tokenization solutions, merchants also gain access to PCI Assist and Breach Assist to help protect against the constant vulnerability threats data breaches present. OmniShield Assure delivers the tools merchants need to comply with new card network regulations, as well as protection from the four major threat factors facing their business: card data security; fraud protection; PCI compliance; and risk, including data breaches.
Major breaches do happen and have been costly for several organizations. Merchants are responsible for their own security in the PCI DSS ecosystem. It can be complex, and many merchants do not fully understand the inner workings of the standard, how it applies to them, and how to ensure their technology partners are properly securing their data.
As a POS developer for applications that accept payment cards, you must be prepared for a breach to occur and partnering with Vantiv can help reduce the responsibility for handling card data securely. There is no silver bullet to stopping data breaches, but by taking a comprehensive approach to credit card security you can significantly reduce your and your merchants’ vulnerability to internal and external threats.
 Verizon 2014 PCI Compliance Report,” Verizon, http://www.verizonenterprise.com/resources/reports/rp_pci-report-2014-executive-summary_en_xg.pdf