A data breach is a serious situation that occurs when an unauthorized party accesses a merchant’s network and steals cardholder data. There are various types of breaches, including network (hacking and skimming); malware and spyware; the physical loss of the card, paper records or a device like a computer or CD; and losses from employee dishonesty. Regardless of how the breach plays out, the result is always the same: Unencrypted personal identifying information is compromised by fraudsters and identity thieves.

Consequently, “data breach protection” are three words that should be foremost in the minds of all businesspeople operating on the Internet — and today, that’s just about everyone. Recent statistics on the tremendous costs faced by merchants who experience a data breach underscore the fact that the stakes are just too high for breach protection to be relegated to your “to do” pile.

Data Breach Security Program

With fraudulent payment card transactions continually on the rise, it’s more important than ever that merchants protect themselves from potentially huge financial losses associated with a data breach.  Renaissance Associates / TransFirst  offers a unique Data Breach Security Program that’s specifically designed to help merchants meet the expenses resulting from a suspected or actual breach of payment card data.

The Data Breach Security Program offers peace of mind to merchants during an extremely vulnerable time with:

  • A forensic audit as required by the Payment Card Industry Data Security Standard (PCI DSS) whenever a data breach is suspected to confirm whether a breach has actually occurred and to pinpoint vulnerabilities in the system.
  • Industry fines and assessments met as required by PCI DSS in the event of an unintended breach of confidential customer information, regardless of how it happens.
  • Issuer-related expenses that cover card replacements costs, credit monitoring and other expenses related to a breach.

Under the Data Breach Security Program, expenses from an actual or suspected data breach are met regardless of the member business’s PCI compliance status as long as the owner is not involved in the breach.

Breach Protection Best Practices

In addition to our Data Breach Security Program, we encourage all of our merchants to protect themselves, their businesses and their customers from data breaches by adhering to the Payment Card Industry Data Security Standard (PCI DSS); this is known as being in PCI compliance, or PCI compliant. The requirements of PCI DSS are focused on boosting security for the storage, transmission and processing of cardholder data.

Beyond PCI compliance, businesses should strive for the tightest security possible against fraud and other data breaches by using standard and advanced detection and prevention tools like those offered by  Renaissance Associates through one of our payment gateways. The gateway secure processing platform is fully PCI compliant, and member merchants have access to fraud prevention tools including Address Verification Service (AVS) and Card Security Code (CVV2/CVC).

They also offer multiple interface options that allow merchants to choose their preferred method for submitting and processing payments securely. For example, the optional Tokenization service hosted payment page reduces your PCI burden by eliminating the need to store sensitive card data by only sending back minimal information such as a transaction ID, reference ID and authorization code.