PCI Basics for Small Merchants

PCI Basics for Small Merchants

In 2015 the PCI SSC created the Small Merchant Taskforce, a cross-industry consortium of payment
security experts, merchant groups and small merchant advocates, to create educational material and
suggested next steps to assess risk within a small business environment. The Taskforce drew from
their collective payment security and small merchant expertise to create PCI Data Security Essential
Resources for Small Merchants, a series of resources to help small merchants focus on essential
payment data security practices needed to protect payment data and reduce risk in their business
environment.

As part of that series, PCI SSC created PCI Firewall Basics, a one-page infographic providing
guidance on firewall configuration basics.

firewall basics

TLS Security Is Important!

TLS Security Is Important!

With all the recent stories about security breaches, you may be wondering what you can do to help secure your data and communications. Transport Layer Security, also known as TLS, is a procedure that provides privacy and data integrity between multiple applications in your systems. TLS is used to create a secure environment for web browsing, emailing, or other applications. Websites are able to use TLS to keep all communication between their servers and web browsers secure. For organizations that store or process payment information, using TLS version 1.2 is a requirement of the Payment Card Industry Data Security Standard. This standard was created by the PCI Security Standards Council to protect cardholder data. No single security measure will fully protect your organization from unauthorized data breaches, but implementing security protocols like TLS can reduce the chance of such threats.

How does your security impact your daily work day?

When it comes to your computer, your web browser may need to be updated. Whether you have Internet Explorer, Chrome, Firefox, etc, check to make sure your computer is installing these updates automatically. When it comes to your payment software, if it stops working, you may need to do an update or even upgrade your software. Contacting your software provider with any issues can be a big help.  Some businesses run a standalone credit card terminal. If this stops working, you are going to want to contact your local sales office or merchant service provider as you may need a new file to be downloaded into the terminal.

The goal of TLS procedures are security and efficiency. Are you wondering if your browser is supported? This link will show you a list of supported browsers:

https://www.ssllabs.com/ssltest/viewMyClient.html