Speaking to merchants at the National Restaurant Association (NRA) Show, the PCI Security Standards Council (PCI SSC) announced the formation of a dedicated global taskforce to help improve payment data security for small businesses. Co-chaired by Barclaycard and the NRA, the Small Merchant Taskforce will collaborate on guidance and resources that simplify data security and PCI Data Security Standard (PCI DSS) compliance for some of the most vulnerable businesses preyed upon by cybercriminals.
Small merchants are highly prized targets when it comes to cyber attacks and hacking. These businesses typically do not have the technical knowledge or resources to understand how to apply PCI Standards to protect payment data against today’s threats.
“Though incidents of fraud are low, it’s small merchants that are particularly vulnerable to attack from hackers. They usually have very limited resources and technical expertise at their disposal, and often lack the necessary tools, information, and education to recover and prevent them. Helping these businesses will be a key focus of the taskforce’s efforts,” says Barclaycard payment security manager Phil Jones, who’s co-chairing the taskforce. “By working together we aim to provide practical ways to help improve the security of smaller merchants, reduce their risks, and make the experience of PCI DSS compliance quicker and less complicated for them.”
“Payment security is a top priority for the restaurant industry as more of our customers move toward utilizing card payments when dining out,” adds David Mathews, taskforce co-chair and general counsel for the NRA. “America’s restaurants continue to be targeted by cybercriminals, with many of these data breach incidents occurring at smaller restaurants. We’ve been working with our membership to educate them about the proper tools needed to develop and maintain a secure payments environment. We are looking forward to continuing our mission with our members and the PCI Security Standards Council as part of the Small Merchant Taskforce.”
The taskforce will rely on cross-industry expertise to develop resources that help small merchants understand why and how to protect payment card data and resolve risks to their businesses. Specifically, the group will provide:
· Best Practices: Recommendations on what is needed to protect the payment environment, including working with security assessors, vendors, and service providers
· Simplified Guidance: Easy-to-understand content and resources unique to small business needs that will help them take advantage of PCI best practices, standards, training programs, and solutions
· Market Insight: Ongoing input to PCI Council on current trends, issues, and concerns for small merchants
“Even the simplest of steps can help these businesses reduce their chances of being breached,” says PCI Security Standards Council chief technology officer Troy Leach. “By working with merchants and organizations that have direct relationships with small businesses, such as Barclaycard and the National Restaurant Association, we’re redoubling our efforts to improve payment security resources that can ease the process for small businesses.”