The holiday season is fast approaching, and while companies are polishing and refining their promotional activities to get the most out of the busiest time of the year, consumers are facing a dilemma: in-store or online shopping? According to a Computop study, 76% of consumers from the UK and the US are planning to do their holiday shopping online because of its convenience and ease.
Consumers are concerned about their data security
A key concern about online shopping is the security of the payment process. How secure are consumers’ credit cards and bank information in the hands of e-stores? How much sensitive information are customers willing to disclose? 74% of respondents to the Computop survey are anxious about disclosing their sensitive data, with 45% of them admitting it’s “a major concern”. On top of that, news of payment card fraud (like the recently discovered online skimming attack that affected 5925 online stores) and cyber attacks has made consumers so wary that 57% “would not shop with a retailer that had recently experienced a data breach”.
The PCI DSS reduces card fraud and increases credit card data security
To decrease payment card fraud across the Internet and increase payment card data security, all organisations, regardless of size or number of transactions, that accept, transmit or store payment card data, must comply with the PCI DSS. The Payment Card Industry Data Security Standard requires companies to:
- Build and maintain a secure IT network;
- Protect cardholder data;
- Maintain a vulnerability management programme;
- Implement strong access control measures;
- Regularly monitor and test networks;
- Maintain an information security policy.
How to attain compliance with expert help
Attaining compliance can be daunting for organisations with little or no knowledge of the Standard. IT Governance’s PCI DSS consultants can provide assistance, from the production of a structured framework through the compliance process, relieving pressure while enabling you to continue your business operations.
IT Governance is a PCI Qualified Security Assessor (QSA) company and CREST-accredited penetration testing provider with extensive experience and a solid track record of PCI DSS compliance projects.
Call us on +44 (0)845 070 1750 to discuss your PCI DSS compliance requirements.