By Ryan Beck, ClientPay General Manager
When your firm accepts debit and credit card payments from your clients, you agree to take the necessary steps to protect cardholder data. The payments industry (MasterCard Worldwide, Visa International, American Express, Discover Financial Services, etc.) requires all entities that store, process or transmit cardholder data to comply with security standards that safeguard card information during and after financial transactions.
Is your firm doing all it can to protect your clients’ credit card information and maintain a secure payment processing environment? Review the Payment Security Checklist below to find out:
- Verify your payment processing providers are Payment Card Industry Data Security Standards (PCI DSS)
- Avoid writing credit card information on paper or storing recurring payment information on insecure networks.
- Encrypt the transmission of cardholder data across open, public networks.
- Limit, track and monitor employees’ access to cardholder data.
- Assign a unique ID to each person with computer access at your firm.
- Maintain a policy that addresses information security and conduct team training to ensure staff compliance.
- Do not use vendor-supplied defaults for system passwords and other security parameters.
- Install and maintain a firewall configuration to protect sensitive cardholder data.
- Use and regularly update your anti-virus software.
- Regularly test security systems and processes.
There are a few additional steps your firm can take to improve payment processing security while enhancing A/R processes overall:
Utilize an integrated payment processing solution, such as ClientPay®, with state-of-the-industry security features built into the technology. Systems like ClientPay limit firms’ scope of PCI compliance because cardholder data is automatically encrypted and is never stored within the firm’s walls (physical or virtual). An electronic “wallet” feature can support recurring payment processing while restricting credit card data visibility. Integration also offers the added benefits of streamlining the steps involved in payment processing, as well as reducing data entry redundancy and costly errors.
Set up an online ‘click to pay’ option for your clients through a secure website portal. This can be a big time saver for both your firm and your clients and provides an added level of security because your staff never has to handle card information.
Payment processing can seem complicated. ClientPay, a Thomson Reuters Elite Product Partner for integrated payments, is happy to be a resource to answer your questions.