Keep Credit Card Payments Secure

Recent data security breaches have involved cardholder data in transit. Criminals are using malicious software, or “malware,” including packet sniffers and memory parsers, to access and extract sensitive cardholder data. The software remains active as long as your payment systems remain vulnerable. Adherence to the Payment Card Industry-Data Security Standard (PCI-DSS) mitigates the threat of a data breach. 

Chase Paymentech™ recommends that you:

1. Validate your security procedures with the Payment Card Industry Data Security Standard (PCI DSS).
2. Perform quarterly network security scans by an approved scanning vendor. These scans are non-intrusive tests that involve probing external facing systems and reporting on the services available through your internet connection. 
3. Ensure that you are using a payment application version validated as compliant with the Payment Application-Data Security Standard (PA-DSS). Also ensure that it is configured according to the PCI DSS. 

Additional information about the PCI-DSS, including a self-assessment questionnaire, scanning procedures, a list of approved scanning vendors and a list of validated payment applications can be found at www.pcisecuritystandards.org.

You can also read specific information about recent threats to the hospitality industry in Visa®'s “Data Security Alert for Hospitality Merchants.”

If you have any questions, please contact Chase Paymentech™ at Data_compromise@chasepaymentech.com.