PCI Compliance – Part 2
https://squareup.com/guides/pci-compliance
As a Part 1 of my blog last week, I explored what PCI compliances were and how organizations play a role. Merchants are required to follow PCI-compliance regulations such as “establishing data security policies for your business and employees to removing card data from your processing system and payment terminals” (Square).
There are a couple of places that data can be stolen, as outlined by Square: compromised card readers, insecure payment system databases, recording entry of authentication data, and a secret tap into your store’s wireless or wired network. PCI compliances aim to provide guidelines so that a business’ payment processing life cycle is secure.
Square also follows the PCI standards including having an “integrated payment system [that] provides end-to-end encryption for every transaction at the point of swipe and tokenizes data once it reaches our services” (Square). Instead of directly communicating with a bank, Square provides the hardware, software, and relationship with banks so that small business owners can focus on other activities aside from payment compliance. This is ultimately their competitive advantage and why Square is so popular amongst up and coming businesses around the nation.