Important data storage change

by

Important changes regarding credit card data storage.

Due to the ever changing PCI landscape and increasingly stringent PCI rules and regulations, moving forward StoreSecured will no longer store full credit card numbers. Storing this information causes increased potential risk and PCI burden for StoreSecured and all our merchants.

Effective 9/1/2016 ONLY the last 4 digits will be stored for new transactions.  All existing full credit card numbers stored in the system will be removed by September 16.

For merchant using No Processor, (manually processing credit cards)

Please note that this means that StoreSecured will no longer support offline manual credit card processing due to the requirement to access the full credit card numbers for doing so.  Instead we recommend the usage of one of our low cost gateways for real time processing such as Braintree or PayPal.  See general–>payments–>gateway.  All merchants using no processor have been contacted previously about this change.

For merchants using a real time payment gateway

Please note that the credit card information is NOT required for credits, voids or refunds.  The last 4 digits of the card number will be saved for reference purposes and also for a few gateways who require the last 4 digits for refunds and captures.  In addition most gateways provide a way to re-charge a customer who has already made a purchase through your store, thus making access to the credit card information not necessary.

Merchants, your PCI compliance scope should be reduced with the removal of access to this sensitive information which may mean less strict requirements and an easier yearly questionnaire.

For any questions, comments or concerns regarding these changes please contact us via the support system or at support@storesecured.com

Advertisements

%d bloggers like this: