Ready for a restaurant point of sale credit card PCI security audit?

Security rules on credit cards for restaurants

The credit card industry has been coming down hard on tens of thousands of restaurants that have not sufficiently protected diners’ credit card data from potential theft, with Visa, MasterCard and financial organizations that process electronic payment over recent months sending warnings letters and holding seminars. With these moves, it forces restaurants to take actions on how to further safeguard their diners’ credit card information.

On the side of companies that process card transactions, there are thousands of eateries that are not complying with credit card industry security rules.  For as long as a food service establishment takes plastic, they are required to follow a set of security regulations instituted by Visa, MasterCard, American Express and Discover.

In the data recorded by Visa indicates that since January of 2005, restaurants made up around 40 percent of incidents in which criminals gained unauthorized access to credit card information — accounting for the largest percentage of incidents for a merchant category.

Separately, there are reports from a Chicago-based data security auditor, AmbironTrustWave, for merchants that 62% of the security violations it witnessed during the prior 18 months occurred in the restaurant industry.

These violations includes various security lapses such as the poor guarding of wireless networks — which easily enable thieves to access sensitive information just outside of the parking lot using a laptop — and the lack of strictness to their systems that make it possible for unethical employees to grab credit card information.

Consumers often are unaware when their credit card information is in danger. Not all security breaches produced successful fraud, and mostly, merchants do not recognize these these incidents unless there’s a significant probability that a major fraud has already been identified or about to take place. In addition, issuers of credit cards don’t usually close a customer’s account except if fraud has taken place.

Restaurant owners may have a difficult time with credit card security rules, since its regulations can be very hard for small sized businesses. Hearing from the restaurant owners who thought they complied with rules, the National Restaurant Association trade group found out their systems were not functioning properly and were penalized.

Over $100,000, in some cases, is the fine for restaurants that violated credit card industry rules by storing credit card information. In 2006, Visa fined merchants across all categories 4.6 million for security violations, an increase from the 3.4 million in fines the previous year.

Visa, believes a merchant group needs additional attention, held special security briefings with several hundred restaurants.

At the same time, companies that process credit card transactions are also turning up the heat on restaurants. These companiesthreatened those who do not follow security regulations that they will end their services.

Credit card companies are especially worried about specialized software restaurants use, which combine such features as tabulating bills, delivering orders to the kitchen and tracking reservations. Since credit card companies cannot require software makers to abide by their security rules, they instead apply pressure to restaurants. Visa’s web site maintains a list of software programs that meet its requirements.

But software makers that even with the best software, restaurants could still be in heaps of trouble if they disregard password protection or firewalls. Software companies say it is not up to them to let restaurateurs know what they must do to be in compliance with credit card rules.

The author of this article is the VP of Customer Relations at POS-For-Restaurants.com with over 20 years experience helping restaurants nationwide increase their efficiency and bottom-line profits using restaurant POS systems.

You may visit POS-For-Restaurants.com for more information on how our national network of restaurant point of sale experts can help your business achieve greater success in these difficult economic times.