“Security” Posts

What Are AVS and CVV?

What Are AVS and CVV?

When a customer visits your business and pays with a credit card, it’s fairly easy to confirm the legitimacy of the purchase. A diligent cashier could ask to see photo ID to confirm that the person in front of her is, in fact, the cardholder. The name and face should match. However, for card-not-present transactions, merchants must manually key in the credit card number. Verifying the purchaser’s identity is more difficult when you can’t verify it with an ID. Let’s face it: It would be unreasonable to jump on Skype to see each of your online…

What Is PCI DSS?

What Is PCI DSS?

PCI DSS stands for the Payment Card Industry Data Security Standard. Any business or organization that processes, stores or transmits cardholder data is required to adhere to PCI DSS. The credit card brands (Visa, MasterCard, Discover and Amex) created these security standards to prevent fraud and instate industry-wide standards. PCI DSS is updated every year to ensure that it addresses vulnerabilities and reflects new technologies. But it can be both costly and challenging to meet PCI DSS requirements. We’ll dive into the associated costs and methods of getting PCI DSS-certified, along with tips to reduce your exposure. PCI DSS…

How to Process Credit Card Payments After Signature Rule Change

How to Process Credit Card Payments After Signature Rule Change

In late 2017 and early 2018, the card brands revealed a major change to their long-held signature requirements for credit card transactions. MasterCard, Discover and Amex announced they would no longer require signatures for magstripe and EMV transactions beginning in April 2018. Visa announced that signatures would still be required in the event of a chargeback dispute for magstripe transactions, but would be optional for EMV. There are a few motivations for this protocol change. The card brands want to reduce payment friction and hope that eliminating a step in the payment process will entice merchants to upgrade to EMV-ready…

Experiencing TLS Issues? Here's Why

Experiencing TLS Issues? Here's Why

Right now, if you’re using the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) 1.0 protocols, you’re at risk for a data breach. A number of vulnerabilities have been found in this early encryption protocol, causing the card brands to require a security upgrade in order for businesses to meet the Payment Card Industry Data Security Standards (PCI DSS) moving forward. But first, what exactly is TLS? It’s a cryptographic protocol that helps establish secure communication between two systems. It authenticates the systems and protects the confidentiality of the information passing between them. This update…

How the Way We Take Credit Card Payments Will Change

How the Way We Take Credit Card Payments Will Change

We’re all familiar with paper receipts. They’re so ubiquitous that you likely have one in your pocket or in your purse as you read this. For customers, they constitute a proof of purchase in case they want a refund or wish to verify the transaction amount against their credit card statements. For businesses, they provide the only evidence that a credit card payment was authorized, which is why businesses are weighed down by paper receipt copies — sometimes up to seven years’ worth — that are filed, boxed and stored. Signatures have historically been important to how we take credit…