Industry News | June 22, 2009

Popeyes Tackles PCI Compliance

Quick-service restaurants are facing a major challenge: achieve PCI (Payment Card Industry) compliance to protect credit card transactions or face hefty fines for not meeting the guidelines. Financial regulators, banks, and other acquirers that handle the growing flood of credit card transactions are imposing this regulation nationwide and pressuring operators to invest time and money to become compliant.

One prime example of a major quick-service franchise dealing with this issue is Popeyes Louisiana Kitchen. With over 1,900 units throughout the U.S., Puerto Rico, Guam and 25 foreign countries, the company found itself facing a compliance deadline from their acquirer. Understanding the importance of PCI compliance and information security, Popeyes has been working with their franchisees to educate and ensure PCI compliance throughout the brand. Because PCI guidelines are constantly evolving, Popeyes needed to find a comprehensive solution to not only accommodate the corporate restaurants, but which would have the flexibility to provide a solution to their franchisees. SecureConnect was able to acquire Popeyes as a customer because of its ability to provide services such as firewall security, 24x7x365 monitoring and support, Virtual Private Network infrastructure, network segmentation, anti-virus, and logging and reporting services.

Further, as an Approved Scanning Vendor (ASV), BHI Advanced Internet, the provider of SecureConnect, can provide the required PCI certified vulnerability scans and remediation support all as a single-source provider. Simplifying the process by bringing multiple services together through a single vendor allows for easier rollout and integration to the franchisee community. “PCI compliance is about enhancing network security and protecting cardholder data through security best practices,” said Tim Davis, chief information officer for Popeyes Louisiana Kitchen. “Our most valuable asset is our customers and protecting their cardholder information is a top priority.”

SecureConnect delivered Popeyes a turnkey solution that was customized to their operating needs. The PCI packages do not require any up front investment in hardware or software and provide customized services for Popeyes with a low cost monthly subscription. “BHI’s SecureConnect team understood our needs and provided us with the best and most comprehensive package at a very cost effective price,” Davis said.

In 2007 the FBI reported that 10 million Americans lost a total of $52.6 billion through credit card fraud. In the quick-service industry, fraud can put 25% to 60% of all transactions at risk. What’s more, as hackers and identity theft rings become more sophisticated, stricter security measures will be necessary. SecureConnect is active with the PCI Security Standards Council in order to update quick-serves’ systems to stay ahead of new policy requirements.

Add new comment