Credit-Card Security: Equipment Location

A recent report released by Retail Decisions indicated that, in 2008, financial fraud attempts increased by 40% on the Friday following Thanksgiving (Black Friday) from the year before.

At this time of year it’s worth refreshing ourselves on some of the simple things that businesses can do to prepare for the busy holiday season and protect their payment-card transactions from card fraud. One of the easiest things for merchants to examine is their physical security.

By only using technology and devices vetted for their security, locating card transaction equipment out of the reach of those with criminal intent, and ensuring the physical integrity of that equipment, companies can reduce the risk of card fraud. Consider the following tips:

1. Some equipment and software applications may be unknowingly storing card data—a target for thieves. Ensure that the payment software and magnetic-stripe readers and terminals you use have been approved and are on the PCI Security Standards Council’s lists of approved payment software and approved PIN transaction security devices.

2. Review all transaction equipment and payment terminals to ensure that all seals are intact and no tampering is evident. If you suspect tampering, do not use that equipment and have a qualified individual investigate the device.

3. You might be installing some temporary sales desks over the holidays. Be sure to design payment locations with the intent to limit customer access to payment technology by physically securing or alarming all remote or self-service terminals.

4. Ensure ATMs are well-lit and meet industry standards.

Bob Russo General Manager PCI Security Standards Council Wakefield, Mass.

Before it's here, it's on the Bloomberg Terminal.