• Home
  • Services
    • Cash Flow Forecast
    • PPP Loan Forgiveness Assistance
    • Accounting Services
    • Tax Preparation and Planning
    • Tax Resolution
      • When Your Spouse Owes the IRS
    • Bookkeeping
    • Payroll
    • Advisory Services
    • Consulting for QuickBooks®
    • Training for QuickBooks®
    • Xero Cloud Accounting
    • Cloud Accounting
  • QuickBooks Products
    • QuickBooks Online
    • QuickBooks Online Advanced
    • QuickBooks Desktop
    • QuickBooks Enterprise Solutions
    • QuickBooks Point of Sale
    • QuickBooks Payments
  • Industries
    • Services
    • Construction
    • Medical and Health Care
    • Real Estate
    • Non Profit
    • Retail
    • Restaurant
    • Manufacturing
    • Wholesalers and Distributors
    • eCommerce
  • Resources
    • Resources
    • Mobile Accounting
  • Testimonials
  • Blog
  • About
    • About
    • Send Us Your Referrals
  • Contact
928-337-3372
carol@carolsmithcpa.com
October 10, 2019

Protecting Clients’ Credit Card Numbers

Carol Smith Business Tips

Does your business ask your customers for their credit card numbers at any time during the sales process?  If so, it’s essential that you honor the privacy of your customers’ private data as well as stay in compliance with the Payment Card Industry rules.

Every business that has an account with a merchant services vendor is required to follow PCI (Payment Card Industry) compliance when collecting and storing credit card data. There are many different levels of compliance depending on the technology you use to capture and store credit card data.  These levels depend on whether you use a point of sale terminal, the customer hands you their card, orders are entered through an online shopping cart, or a combination.

In all cases, there are several no-no’s that you’ll want to share with your staff to make sure they are properly trained:

  1. Never ask a client to send a credit card number via unsecure email.
  2. Never take down a credit card number over the phone on paper before entering it into your system. If you do, you need to shred the paper immediately.
  3. Don’t ask clients to take a photo of their credit card to send to you.

If you need to use credit card authorization forms in your business, you’ll need to consider the proper collection of these forms as well as the proper storage. Storing a credit card outside any system requires you to follow further PCI compliance steps.

  1. After a client has signed and completed the credit card authorization form, you will need to provide a secure, encrypted email connection for them to send it back to you. Alternately, you can set up a private client portal for them using Box, DropBox, ShareFile, or another generic portal or file transfer app.  Just sending a pdf via email is not a great idea unless the PDF is password-protected and the password is sent via secure, encrypted email.
  2. Once you’ve received the form on your end, you’ll need to keep it in a secure place. If you print or download it, you’ll need to follow physical building security protocols to stay in compliance with PCI as well as to protect the customer data.

It’s not a surprise that so many credit cards get hacked each year.  It’s inconvenient to customers and vendors when their credit card gets compromised, and much of this can be prevented through proactive and safe measures. Respect your customers and help them keep their credit card data safe.

Avoiding Accounts Payable Errors: What to Watch Out for Using Custom Fields in Your Accounting Software

Related Posts

Blog, Business Growth, Business Tips

Should Your Business Become Cash-Free?

Accounting, Blog, Business Tips, News

PPP January 2021 Update

Business Tips, News

The Paycheck Protection Program (PPP) Loan and the Economic Injury Disaster (EIDL) Loan

Monthly Archives

Categories

  • Accounting
  • Blog
  • Bookkeeping Tips
  • Business Development
  • Business Financial Planning
  • Business Growth
  • Business Tips
  • Cool Tech Tools
  • Cost-Savings Tips
  • Customer Service Tips
  • Decision-Making Tips
  • Expense Reduction Tips
  • Management Tips
  • News
  • Payroll Tips
  • Personal Development
  • Profitability Tips
  • Tax
  • Time Management Tips
  • Uncategorized
  • Home
  • Services
  • QuickBooks Products
  • Industries
  • Resources
  • Testimonials
  • Blog
  • About
  • Contact
  • Pages

Contact Us

Tax Services, Accounting Services and services for QuickBooks®

Carol E. Smith

37000 Highway 61, Suite A Concho, AZ
928-337-3372

carol@carolsmithcpa.com

Client Login

Concho, AZ CPA Firm Client Login


Intuit, QuickBooks, and QuickBooks ProAdvisor are registered trademarks of Intuit Inc. Used with permission under the QuickBooks ProAdvisor Agreement.
Copyright Carol E. Smith 2020 | Site Design by Accelerator Websites