South Africa Mandating Compliance For E-Payment Security

South Africa Mandating Compliance For E-Payment Security

In an effort to increase security around electronic payments, South Africa is mandating that all merchants who store or transmit credit card information comply with security rules by the end of 2013, according to a report in AfricanBusinessReview.

The Payments Association of South Africa has mandated that merchants of all sizes comply with payment card industry security.

While the compliance is not law, the standard was created by major card brands such as Visa and MasterCard, and merchants who do not comply may be subject to fines, card replacement costs and forensic audits, should a breach occur, the report said.

Around 70 percent of transactions in South Africa are cash based.

“As compliance standards are enforced, so consumer confidence in electronic payment methods will increase,” said Vaughan Alexander at Innvervation Value Added Services. “This will result in more cash being taken out of the system, reducing cash-related costs, which amounts to around one to two percent of GDP.

“The ultimate goal of … compliance is to ensure the consumer is protected and to do this, companies must ensure that they are in line with international best practice standards when it comes to their processing technology and security.”

Although compliance could be costly, Alexander said that the standard should be viewed in a positive light. “At the end of the day, compliance ensures that consumers can transact safely – and that is ultimately what retailers, both large and small hope to achieve,” he said.

Black Americans Have the Highest Mortality Rates But Lowest Levels of Life Insurance
Are you prioritizing your cable entertainment bill over protecting and investing in your family?
Smart Policies are as low as $30 a month, No Medical Exam Required
Click Here to Get Smart on Protecting Your Family and Loves Ones, No Matter What Happens

Merchants must reach six milestones, including two by Sept. 15.

Rigorous standards have been set for both IT hardware and software and companies will be measured on whether or not there are effective external measures in place that prevent intrusion and in instances where customers’ information is stored, it must be done in a secure manner, Alexander said.

Retailers must show that employee security measures such as secure passwords, work station lockdowns and single sign-on management are in place.

Merchants also have to ensure that the process of consumers making payments using payment cards remains secure.

Alexander warned that there will likely be an even greater focus on security as compliance continues to evolve.

“Chip and pin card technology is penetrating the market at a rapid rate, and PASA has already increased their requirements surrounding online retail sites and 3D secure,” he said. “We believe that there is a definite move by the regulator towards increasing the overall security around electronic payments and this will only continue.”