PCI Compliance for credit card data and security for CVV codes are very important topics for agencies. Because it is an important topic for our clients, we want to share an important update related to how Tres will help agencies comply to keep their client data secure.
· Bottom line – PCI Compliance rules state that CVV codes cannot be stored after the CVV code is used for Payment. Because PCI Compliance is very important overall and especially in a hosted environment like Tres, we must make a change in how we’re handling CVVs.
· We wouldn’t be doing the best job for agencies if we designed a program that opened clients up to disputes, chargebacks and created doubt in clients’ minds on PCI Compliance.
Good news! We are developing a better way. Instead of adding the CVV into Tres and not being PCI compliant, we’re adding a Payment Authorization Form into Trips area in Tres. When an advisor needs a credit card and CVV code, they can send a link to a Payment Authorization Form. This will offer better security and proper application of security to protect every agency and advisor.
We are not going to hide our head in the sand and pretend that some agencies are not going to put the CVV code in another field to access when needed. By doing this you are risking your compliance, security, and inviting chargebacks. The payment authorization form helps to reduce your risks.
Sometimes technology leads to change. And sometimes we yearn for the old ways. But this change really does make sense. Better security for you and your clients. Better protection for you from chargebacks and other security related issues. Better credit rates for you. Better security for all.
We’re working on the Payment Authorization Form in the current development cycle with the goal of getting out to clients as soon as we possibly can!
|