Record GDPR fine provides stark data and payment protection warning to business owners
Payment card data is the ultimate reward for hackers therefore businesses need to look at all areas of potential vulnerability
With reports confirming that British Airways will be fined £183 million by the Information Commissioner’s Office (ICO) following a significant data breach last year, PCI Pal’s CEO James Barham is encouraging businesses and contact centres to step-up data protection processes and utilise descoping payment security technologies, so no sensitive card data is available to hackers.
It was reported that approximately 380,000 transactions were affected in the breach, with compromised data including names, email addresses and some credit and debit card information.
James Barham, CEO of PCI Pal responds:
“Payment card data is the ultimate reward for hackers therefore businesses need to look at all areas of potential vulnerability in both their systems and processes. It is vital to identify solutions that can prevent such breaches from occurring, which will not only help avoid hefty financial penalties, but also the loss in customer confidence and reputational damage.
“Today, businesses can avoid storing payment card data by using descoping technologies. If integrated into contact centres, sensitive data will never enter the enterprise when payments are transacted over the phone, meaning the risk is removed.
Concludes Barham: “By using the right secure payment technologies to simplify a company’s route to PCI compliance, ultimately data security is improved so much so that it is as though card data is not handled in the first place. Additionally, utilising technology in this regard clearly demonstrates to customers that the company they are dealing with has taken steps to secure their data.”
PCI Pal is the specialist provider of secure payment solutions for contact centres and businesses taking Cardholder Not Present (CNP) payments. PCI Pal’s globally accessible cloud platform empowers organisations to take payments securely without bringing their environments into scope of PCI DSS and other card payment data security rules and regulations.
With the entire product portfolio served from PCI Pal’s cloud environment, integration with existing telephony, payment, and desktop environments are simple and light-touch, ensuring no degradation of service while achieving security and compliance.
For additional information on PCI Pal visit their Website