Feature
WHAT’S ON THE CARDS TO AVOID THE ‘COTTON PICKERS’?
Card industry provides useful tips to help retailers understand the importance of PCI DSS Compliance
Photo: Brookes Wallace of Trustwave (left) makes a point to John Wilson, editor of Retail Fraud

BEFORE January this year the payment card industry’s ‘compulsory’ requirement for all businesses that ‘store, process or transmit’ card data to fall into line with the catchily-titled PCI DSS by the end of summer 2008 was widely regarded as a regulation too far, yet another piece of red tape, or one more fiery hoop for retailers to leap through.

That was before Cotton Traders, the mail order retailer set up by ex-England rugby stars Fran Cotton and Steve Smith, had the wind knocked out of the business by a security breach when the credit card details of around 38,000 customers were hacked. The story broke in June and there followed a scrum for more information about PCI DSS and how to comply.

Panic-stricken businesses scanned information sources, but looking online and attending any seminars on the subject would send information recipients reeling at the complexity of what one industry commentator described as ‘how do you eat an elephant?’ In other words, compliance is a big deal and a big meal and most retailers do not know where to start on this ‘mammoth mouthful’.

This is part of the reason Retail Fraud got together with industry experts to try and demystify the issue of PCI DSS, which stands for Payment Card Industry Data Security Standard. It was established by five of the biggest credit card operators: Visa, Mastercard, American Express, Discover and JCB and is mandated within the industry, although not yet a legal requirement.

This is not just because the card industry wants to protect itself, but to educate the industry through best practice examples and good old fashioned common sense when it comes to protecting the confidential data of the millions of card holders, not just in this country, but around the globe. As Steve Wilson, VISA’s Head of PCI DSS Compliance told the Retail Fraud Round Table: “You don’t have to tell a retailer to lock the doors and put money in the safe at night. The ideas within PCI DSS are good industry common sense, and are designed to protect the reputation and profitability of all players within the payment chain.”

“Larger retailers are getting their minds around it because after Cotton Traders it has become clear that it is not just ‘geeky kids’ hacking in to systems for fun, but seriously organised gangs stealing card data to order, and for profit,” he adds.

Protecting data has always been an issue, but it has never before been seen as a major threat. With Chip and PIN reducing face-to-face fraud and the mushrooming of online transactions, however, Card Not Present (CNP) fraud has grown rapidly year on year. The benefits of the world wide web are manifold, but so are the drawbacks, one of which is the fact that it is an anonymous ‘door’ through which hackers can pull personal data into the ether from anywhere in the world without the knowledge of the card holder or its provider – until it is too late.

With more retailers opting to provide an online store option and those who want to avoid expensive physical overheads, payment security is not an option, but a culture.

In this respect compliance is not
20 • RETAIL FRAUD