PCI DSS
PCI DSS is a security standard for card handling that has been developed by Visa and MasterCard. All companies that handle card information are obligated to follow the security standards set by PCI DSS: banks and PSPs as well as merchants. PCI DSS stands for Payment Card Industry (PCI) Data Security Standard (DSS).
Stolen card information has long been a problem for the card industry. PCI DSS aims to make card handling safer and thereby to minimize the risk of card fraud.
The advantage for your company is that the risk of financial losses, for example in the form of compensation or fines, decreases if you have a better knowledge of how to handle card information in a safe way. Your bank can give you more information about exactly which obligations you have.
Security advice for your payment terminal
Keep your receipts stored in a safe place, preferably locked away. Also make sure that no unauthorized person can use your payment terminal. Change the standard security code on the terminal. The security code is needed, e.g., in order to make returns, and since returns are drawn directly from your bank account, it is important that only authorized personnel can make returns from your terminal.
Security advice for Internet trade
If you are running an Internet store, you must protect your network with a firewall and ensure you have updated antivirus software. It is also important that all card information that is transported over public networks is encrypted. If you are using a PSP, ensure that it has been approved by PCI.