How to Secure Credit Card Data as a Business

We’ve talked in other episodes about choosing the right merchant credit card processor for your business. Once you have merchant processing in place, it’s important to have best practice security protocols to keep the credit card information secure. Not only is this a best practice for the benefit of your customers but it will also protect you from liability for security breaches. In this episode, Bernard Roesch shares certain mistakes to avoid when it comes to protecting credit card information in your business.

For more information, visit

If you have any questions about this podcast episode, please feel free to contact us.

* Note that this blog post is derived from the transcript of the audio discussion. Please excuse any typos or odd wording.

Mistake #1: Not Following Credit Card Processor Requirements

Technology evolves and credit card processing technology is no different. Your credit card processor will regularly send you information about required upgrades. For example, there may be software updates required to protect from hacking of credit card data. Also, your credit card processor may require hardware upgrades periodically such as the security chips that were released around 2015. Pay attention to information that your credit card processor sends you about updates and be sure to implement updates quickly.

Mistake #2: Not Controlling Access For Processing Credit Cards

It’s important that you control the access that people in your company have for processing payments. For example, if you use QuickBooks, you should ensure that only specific QuickBook users have the ability to process payments in the merchant service. Although credit card processing software has security infrastructure built in, there are certain ways that fraudulent users could use credit card data if they have access to it. Best practice is to minimize the number of people that have access to credit card processing capabilities in your business.

Mistake #3: Collecting Info in an Unsecure Way

When you collect credit card information in your business, it’s important to not record it or share it in places that aren’t secure. For example, writing down credit card information in a non-digital way. It’s generally not recommended. Also you should not store credit card information in any other place other than what is integrated into your merchant processing infrastructure. In the event that you store information in an insecure way and this results in a security breach, you could be liable for this information.

Need Help Configuring Your Merchant Processing Infrastructure?

If you need help configuring best practice security into your merchant processing infrastructure or setting up a credit card processing workflow in your business, contact Bernard today. He has seen many different systems and can help you build an efficient and best practice infrastructure quickly.

You can also visit for more insights that Bernard has been sharing with us in the previous episodes.


Bernard Roesch About Bernard Roesch

Bernard Roesch is co-founder and Managing Partner of Mission Consulting. Bernard’s background in the early years of his career was spent in the manufacturing sector, making his QuickBooks perspective a unique one – he understands the intricacies of a complex environment and then applies his strategic skills accordingly.