It's time to double-check that your credit card machines are up to date and operating in compliance with the law, according to the Federal Trade Commission (FTC). And, in putting safety first, your customers will thank you for it.

The FTC recently issued a business alert, reinforcing a provision stating that companies must make sure they are, and have been, obeying a law that ensures the security of consumers' credit card information.

According to the federal Fair and Accurate Credit Transaction Act (FACTA), the printed credit and debit card transaction receipts that you give customers cannot include more than five digits of the card number nor can they include the card's expiration date.

"If [credit card numbers] fall into the wrong hands, that can mean big problems for consumers," says Michele Stolls, an attorney with the FTC. "Data security continues to be one of the FTC's top priorities."

The FTC also cautions businesses that noncompliance could open them up to FTC law enforcement action. Consumers also can sue businesses that don't comply and collect damages and attorney's fees.

Congress passed the provision in 2003, but businesses with older credit card processing machines were given until Dec. 1, 2006 to get in compliance with the law.

This law applies only to electronic receipts that you give customers at point of sale, not to handwritten or imprinted receipts, or transaction records you retain. If you do keep any of your customers' personal data, however, you are obliged to keep it safe.

Get more advice on safeguarding customer information.

--Vanessa Machir
vmachir@safnow.org

 

Previous Article    Next Article