In the early days of electronic payments, merchants stored cardholder data (CHD) within their systems for one-time and recurring transactions. Anyone who could access the CHD would see the fully exposed account information. All you could do was hope it did not end up in the wrong hands. In 2001, TrustCommerce created the concept of…
TC CardCurrent™ Is a New Account Updater Service that Assists Businesses with Keeping Clients’ Payment Information Up-to-Date. If maintaining client payment card information is a challenge, take a look at TC CardCurrent™. This new service, helps make this task easier. An account updating product, TC CardCurrent helps merchants keep accurate customer payment card data on file when accepting…
Our secure payment solutions give the insurance industry peace of mind. Insurance is a broad and diverse industry. There are many segments, from commercial to group— automotive, health, pet, home owners, renters, and so on. Oftentimes, each entity has their own set of payment processing needs and requirements. They leverage a variety of customer engagement…
Human error was the leading cause of data security incidents according to the BakerHostetler Data Security Incident Response Report[i]. Often innocent mistakes and the lack of awareness can lead to exposure of sensitive data; introduce entry points for malware; result in theft, and more. It seems as if each month we hear of yet another company being breached.
This year marks TrustCommerce’s 15th anniversary. When e-commerce was in infancy, TrustCommerce was born out of a need to secure electronic payments. In a Wild West of sorts, TrustCommerce was a pioneer of tokenization and encryption to ensure that electronic payments were protected at the point of entry, through transit, and stored securely.
The Payment Card Industry (PCI) Security Standards Council (SSC) has launched a new awareness initiative, Passwords for Payments (P4P), aimed to educate small businesses on utilizing effective password protection. Small merchants are prime targets for data thieves and password protection is one component of a comprehensive security strategy.
Thomas Jefferson wisely said, “Never put off till tomorrow what you can do today.” When it comes to compliance with Payment Card Industry Data Security Standard (PCI DSS) version 3.0, it might be time for merchants to heed Jefferson’s advice. In a recent survey conducted by NTT Com Security aimed at assessing the awareness, acceptance, and understanding of PCI DSS 3.0, the findings were eye-opening:
- Just 30% of respondents said they have reviewed the requirements and have a plan in place.
- 41% stated they had heard of PCI DSS 3.0, but did not have a plan for compliance.
- 70% were unaware of the date by which they need to be PCI DSS 3.0 compliant. 
The short answer is – VERY important. The fact is, the better your technical and infrastructure defenses are, the more likely it is that a social engineering attempt will be made on your people.
In 2013, over 89% of breaches and data loss incidents were deemed preventable through security awareness and execution programs. More relevant, 60% were the direct result of social engineering and other attacks that began with employees that had no substantial access to data. Put another way, 60% of the over one billion records lost in 2013 were the result of employees.
We see signs every day that inform us about safety measures an organization is taking. We have all seen these examples:
- “Premises protected by video surveillance.”
- “This vehicle stops at all railroad crossings.”
- “Driver carries less than $100 in cash.”
- “Caution: Wet floor”
These types of signs are common in business. They show customers, partners, and employees what’s being done to protect the business and help reduce the organization’s risk and liability.