22 Feb How mobileAxept Ensures Security & Peace of Mind in Text and Online Giving
We know that security is absolutely top of mind for our clients. That’s why we partner with Bluefin Payment Systems to support data security in our giving ecosystem. Read on to learn what steps we take to make sure we stay up to date with Payment Card Industry Data Security Standards (PCI DSS) to protect our most important asset: You.
For any ministry accepting, processing, storing or transmitting credit card information, PCI compliance may be a familiar term. But with the ever-evolving world of payments and the security practices surrounding it, a review of who the PCI Security Standards Council is, their standards, and how their requirements work to secure cardholder information is never a bad idea.
Although mobileAxept has not experienced any data breaches, 2017 marked a record year for data breaches. With a reported 1,579 breaches and over 178 million records exposed, that averages about four data breaches PER DAY for 2017. These stark facts are a good reminder of why payment security matters, and perhaps no organization understands that more than the PCI Security Standards Council (PCI SSC), otherwise known as the gold standard in payment security.
The PCI Security Standards Council—a global organization that maintains, evolves and promotes Payment Card Industry standards for the safety of cardholder data across the globe—serves anyone associated with payment cards, including merchants of all sizes, financial institutions, point-of-sale vendors, and hardware and software developers who create and operate the global infrastructure for processing donations.
Founded in 2006 by American Express, Discover, JCB International, MasterCard and Visa Inc. – who share equally in governance and execution of the Council’s work – the PCI SSC manages the ongoing evolution of the Payment Card Industry Data Security Standard (PCI DSS), with a focus on improving payment account security throughout the donation transaction process. The PCI DSS offers a robust security process that includes prevention, detection, and appropriate reaction to security incidents, so that all companies that accept, process, store or transmit credit card information maintain a secure environment.
Why PCI is Important to Your Ministry
As stated by the PCI Council, a breach or theft of cardholder data affects the entire payment card ecosystem. Customers suddenly lose trust in merchants or financial institutions, and their credit can be negatively affected — there is enormous personal fallout. Merchants and financial institutions lose credibility (and in turn, business), and they are also subject to numerous financial liabilities.
Most times, organizations don’t realize the importance of PCI compliance until it’s too late, and the fallout from a data breach is so staggering that often organizations cannot fully recover from the damage, which can include:
- Lost confidence, so customers go to other merchants
- Diminished sales
- Cost of reissuing new payment cards
- Fraud losses
- Higher subsequent costs of compliance
- Legal costs, settlements, and judgments
- Fines and penalties
- Termination of ability to accept payment cards
- Lost jobs (CISO, CIO, CEO and dependent professional positions)
- Going out of business
Secure Your Data with PCI DSS
The PCI DSS applies to ANY ministry, regardless of size or number of transactions, which accepts, transmits or stores any cardholder data, so it is imperative that these organizations know what to do to satisfy PCI DSS requirements.
(The PCI SSC website provides a library of resources, and the PCI DSS standards can be accessed here.)