Expand / Collapse search
Watch TV
Menu

Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital SolutionsLegal Statement.

This material may not be published, broadcast, rewritten, or redistributed. ©2024 FOX News Network, LLC. All rights reserved. FAQ - New Privacy Policy

Published | Updated

Credit Card Security Report Gives Many Merchants Failing Grades

Despite the risk of severe penalties from credit card transaction networks, only 21% of merchants passed a payment security audit conducted by experts from Verizon. The communications company uses both voice and data lines to move data from retailers to bank servers, so it regularly measures how well its clients comply with industry standard security measures.

The latest version of the Verizon Payment Card Industry Compliance Report suggests that most retailers can do much more to prevent credit card numbers from falling into the hands of fraudsters and identity thieves.

Grading criteria

Verizon's report graded organizations on each of the 12 requirements that make up the Payment Card Industry Data Security Standard (PCI DSS). Researchers found that merchants faced the toughest challenges with:

*protecting stored cardholder expiration dates

More On This...

How to Prevent Credit-Card Fraud
Protecting Yourself from Credit Card Fraud

*tracking and monitoring access to saved credit card data

*regularly testing systems and processes

*maintaining security policies

Verizon's researchers found that many merchants felt overconfident about their policies and procedures, often ignoring threats with the highest risk. Small companies often assume their size makes them less likely targets for identity thieves. However, two-thirds of corporate data attacks occurred at businesses with fewer than 100 employees. In its annual report, Visa officials stated that 95% of credit card breaches against its cardholders happen at small businesses.

How merchants can enhance security

Credit card industry analysts at Business Owners Liability Team, a corporate insurance provider, corroborated many of Verizon's findings. For example, BOLT researchers report that merchants can significantly enhance their security by:

*requiring secure passwords

*installing Internet firewalls to detect intrusions

*storing credit card data on fixed servers instead of on laptops

*training employees not to respond to social engineering attempts

*restricting employee access to customer information

BOLT and Verizon both note that companies rarely have the internal expertise to fully detect potential threats. Independent security audits based on the PCI DSS can help owners and managers guarantee the security of customer credit card details, preventing costly chargebacks and lawsuits.

The original article can be found at CardRatings.com:Credit card security report gives many merchants failing grades