Do I have to be PCI compliant as a merchant?

If you are asking yourself: “Do I have to be PCI compliant as a merchant?”, I’d love to ask you something in return first:

Do you accept credit or debit cards from your customers? That is, any kind of cards from Visa, Mastercard & Co?

If yes, you must (should) be certified according to PCI DSS.

If, on the other hand, you do not offer your customers any payment options with credit or debit cards, then you are not obliged to be PCI certified or PCI compliant.

Regardless of this, I would still recommend that you look into PCI DSS and its security features. The reasons for that you can find in this article.


Continue ReadingDo I have to be PCI compliant as a merchant?

Qualified Integrator and Reseller: Who needs a QIR and why?

Protect customer data and process card payments securely – with a “qualified installation” by a QIR

As a Qualified Integrator and Reseller (QIR), we support you with the installation, maintenance and compliance with security standards for payments with credit cards or debit cards. Compliance with these standards is mandatory as defined by the major card schemes. It is designed to protect card data from fraud and theft.

In this article you will learn who needs a QIR and what advantages it gives you as a merchant and also as a customer.


Continue ReadingQualified Integrator and Reseller: Who needs a QIR and why?

CNP Transactions: Performing Secure Card Transactions

How you, as a merchant, can prevent fraud in card not present transactions (CNP Transactions) conducted via the Internet or (mobile) phone.

With CNP – or “card not present” – transactions, the seller neither comes face-to-face with the customer nor physically handles the credit or debit card. This is the case, of course, anytime a payment transaction doesn’t take place onsite at your shop.

CNP transactions encompass all online purchases in online shops as well as online bookings paid for with a credit or debit card. This includes payments made over the telephone (yes that still exists for teleshopping or booking a trip, for instance), e-mail, fax and postal orders from a catalog.


Continue ReadingCNP Transactions: Performing Secure Card Transactions

Online Skimming and Ensuring Security for Online Payments

What is online skimming / e-skimming and how can I prevent attacks?

Online skimming (also “e-skimming”, “web skimming” or “digital skimming”) is a form of online payment card fraud. There has always been a risk of card data being accidentally disclosed to fraudsters when entering payment data for an online purchase. While various safeguards have made this less likely, the fact is that online fraudsters have also upped their ante.

The number of online purchases has increased dramatically over the past twelve months due to Covid-19 and concomitant shop closures. And not only are more people buying online, the number of online shopping sites has also skyrocketed over the course of a year. To accommodate their customers, in particular quite a few small merchants have established online shops in addition to their brick-and-mortar stores. And my suspicion is that some have done so with undue haste.

This article is about online skimming, what this entails and precisely how you – as a merchant – can protect yourself and your customers against it.


Continue ReadingOnline Skimming and Ensuring Security for Online Payments

8 Tips for Merchants: Protecting your customers’ card data

Protecting your customers’ card data, sensitive as it is, is one of the top priorities when it comes to payment processing. The new reality that Covid-19 has brought is forcing many small businesses to rethink the payment methods they had in place up to now.

Until the beginning of 2020, cash was often the main means of payment in smaller retail shops (in Germany) with plenty of foot traffic. To survive weeks-long store closures and subsequent shopping restrictions, many retailers were obliged to offer their customers online and telephone ordering options.

To help contain the spread of Covid-19, customers also increasingly resorted to contactless payments. Card-issuing institutions quickly responded to this trend by raising the maximum contactless transaction limit – without authentication – to up to € 50.00.

This article is meant for small(er) to medium-sized retailers or companies.


Continue Reading8 Tips for Merchants: Protecting your customers’ card data