Does your business ask your customers for their credit card numbers at any time during the sales process? If so, it’s essential that you honor the privacy of your customers’ private data as well as stay in compliance with the Payment Card Industry rules.
- Never ask a client to send a credit card number via unsecure email.
- Never take down a credit card number over the phone on paper before entering it into your system. If you do, you need to shred the paper immediately.
- Don’t ask clients to take a photo of their credit card to send to you.
- After a client has signed and completed the credit card authorization form, you will need to provide a secure, encrypted email connection for them to send it back to you. Alternately, you can set up a private client portal for them using Box, DropBox, ShareFile, or another generic portal or file transfer app. Just sending a pdf via email is not a great idea unless the PDF is password-protected and the password is sent via secure, encrypted email.
- Once you’ve received the form on your end, you’ll need to keep it in a secure place. If you print or download it, you’ll need to follow physical building security protocols to stay in compliance with PCI as well as to protect the customer data.
You can count on us to count for you!
Email: bstonercpa@sbcglobal.net Phone: 818-317-6035 Website: www.briantstonercpa.com
SELECTED TO THE FORBES TOP 100 MUST-FOLLOW TAX TWITTER ACCOUNTS FOR 2019
ALSO CHOSEN AS ONE OF TOP 18 TAX SERVICES IN LOS ANGELES FOR 2019 BY EXPERTISE.COM!
has been featured on



https://twitter.com/bstonercpa