JOHANNESBURG – Ever wondered where every credit card transaction is recorded and stored and how secure that data is, especially after the hardware on which that data is stored reaches end-of-life?
If this data is compromised and lands in the wrong hands, it could have catastrophic consequences for not only the company concerned but for the banks and consumers alike.
Uber is facing a $148 million (R2bn) fine for failing to disclose a massive data breach in 2016, marking a costly resolution to one of the biggest embarrassments and legal tangles the ride-hailing company has suffered.
Experts say not many companies are aware of the Payment Card Industry Data Security Standard (PCI DSS) that requires them to follow the policies and procedures to protect this data. The Payment Association of SA (PASA) has been appointed by the government and the Reserve Bank to implement and regulate PCI DSS.
There is also an overlap with the Protection of Personal Information Act 2013 (PoPI) that stipulates how companies may collect, handle, store and discard information.