How Can You Become More PCI Compliant?
How can your hotel become more PCI compliant?
With a continuously evolving technology landscape, hoteliers must rely on their own skills and team members to remain protected and safe from cybercriminals and fraudsters.
When it comes to cybersecurity, it always pays to be proactive. Don’t wait until a breach happens to make changes to your security plan and implement measures to keep your guests’ information safe.
What are some actionable things you can do at your hotel?
EMV Chip Readers
If you haven’t already, work toward implementing EMV chip readers into your property. EMV, which stands for Europay, Mastercard, and Visa, is a global standard for cards equipped with computer chip technology as well as the terminals used to authenticate chip-card transactions.
EMV chip readers can help prevent fraudsters from using “skimmers” to replicate cardholder data and create false credit cards. Skimmers are devices that can be installed easily over existing payment terminals and are used to collect information from the cards used in transactions. A fraudster can then use the data to create fake credit cards.
Additionally, it’s easier to collect data from stripe cards than the more secure chip card – the magnetic stripe on cards holds all the information for the cardholder, including the PAN, name, address, and CVV, and is easily stolen by criminals using a skimmer.
How EMV chip cards and terminals help reduce fraud:
- Much harder to duplicate a chip card
- Minimizes the use of swipe for chip compatible cards (which would be fake)
- Minimizes the ability for thieves to use stolen cards in-store
Beginning in 2015, there was a liability shift and merchants who haven’t switched to a chip card are now liable for fraudulent card use. Previously, the issuing bank was liable.
The shift has had a huge impact (as reported by Visa):
- Counterfeit fraud has dropped by 76% for merchants who completed the chip upgrade.
- Over 2.9 million merchants now accept chip cards, representing 63% of US storefronts.
- In March 2018, 97% of card-present Visa transactions involved EMV cards.
Merchants like the check-out process to be as seamless as possible, often prioritizing this over data security. This is especially true of the hospitality industry where the guest experience is the highest priority.
Sadly, hoteliers often choose not to perform many or any validations at check-out and will take the risk of fraud over the risk of losing a guest. This mindset needs to be changed, and security must become a priority when it comes to guests’ information and payment details.
To learn more about how your hotel can become more PCI compliant, download our Definitive Guide to PCI Compliance Part II: Hotels.