Credit card security - you asked for what?!
Veritape is constantly helping companies to secure their customers’ credit card data. Usually, that involves using our PCI DSS compliance approach to ‘bleep’ the 16-digit card numbers from recorded telephone calls, along with the 3-digit “CVC” (security code on the back of your card).
Obviously, Veritape staff have a shared understanding that customer data is sensitive, and that credit card security devices like the CVC and a customer’s PIN are in operation to protect cardholder transactions and decrease fraud.
So imagine the surprise of a Veritape staff member (at lunch with a senior Vendorcom representative in London - let’s call him “Paul Rodgers”) when he heard the waitress ask Paul (kindly paying the bill) what his PIN number was, so she could enter it into the payment terminal. Amazing.
Paul (an expert in payment security guidelines), proceeded to take the payment terminal from the waitress, and enter his own PIN - very sensible. But he then followed up with a series of questions to the waitress, which determined that she fairly regularly enter PINs for customers.
It’s obvious that not all people (despite the constant mantra “keep your PIN secret” from banks and card issuers) do keep their PIN secret. If they did, London Waitress wouldn’t have had any success in the past, entering PINs.
Veritape would hope that this was a one-off occurrence, but we’re not so sure. If you’ve ever been asked for your PIN, drop us a line.
And in the meantime, if you run a business with customer-facing staff who swipe cards through payment terminals, please PLEASE drum into them that the customer should be the one entering their PIN!