DO NOT check this box if you are using a public computer. User IDs potentially containing sensitive information will not be saved.
Sign on to Online Banking
Sign on to another service:QA
Protecting Cardholder Data
Protecting Cardholder Data Is Good Business
It's all about trust: When customers hand you their credit or debit card or provide their account information, they expect you to safeguard that sensitive data.
Keeping that trust is not only essential for fraud protection -- it's just good business. As you take steps to protect cardholder data, keep these tips in mind:
Keep only what is needed.
Don't store any cardholder data that is not needed to run your business. For example, never store full-track magnetic stripe data, PIN block data and CVV2 once a transaction has been authorized. Under the Payment Card Industry Data Security Standard (PCI DSS), only the account number, expiration date and cardholder name can be stored.
Physically secure printed data.
It's not just electronic data that's vulnerable to thieves. Make sure you securely store any paper receipts, orders, invoices and other printed material that contain the cardholder's full account number. When those records are no longer needed, destroy them in a secure manner (e.g., shredding). Establishing a basic data retention and destruction policy can provide guidance and ensure that you are regularly purging data.
Make sure that any outsiders with access to your business computers (like IT vendors who may connect remotely) are protecting customer data they have access to. Further, consider allowing remote access to your IT system only during scheduled maintenance times, and be sure to disable remote access features when they are not in use.
Maintain a secure network.
If you use a computer to handle cardholder data, make sure you install and maintain a firewall configuration to protect the data. Use (and regularly update) anti-virus software and avoid using this computer for non-business purposes (like surfing the web or accessing web-based personal e-mail accounts).
When customers hand you their credit or debit card or provide their account information, they expect you to safeguard that sensitive data.
Important Information and Disclosures
Merchant Services are provided by PNC Merchant Services Company and are subject to credit approval. PNC Merchant Services is a registered trademark of The PNC Financial Services Group, Inc.
GET IN TOUCH
Banking on the Go
We have tools to help you bank when and where you want.Mobile Apps Directory »
Be part of our inclusive culture that strives for excellence and rewards talent.Visit PNC Careers »
The PNC Financial Services Group, Inc. All rights reserved.