CStore Decisions

  • Home
  • Today on CSD
  • Categories
    • CBD
    • Foodservice
    • Fuel & Gas
    • Health & Beauty
    • Independent Operators
    • Operations & Marketing
    • Technology
  • CStore Playbooks
    • Alcoholic Beverage Playbook
    • Candy Playbook
    • CBD Playbook
    • Foodservice Playbook
    • Technology Playbook
    • Tobacco Playbook
  • Products
    • 2022 Hot New Product Contest
    • Hot New Products Contest
    • Beverages & Cold Vault
    • Candy, Gum & Mints
    • Snacks
    • Tobacco
  • Resources
    • Digital Issues
    • Research & Downloads
    • Podcasts/How To Series
    • On Location
    • FAQ
    • 2022 Top 111 Chains
    • Leaders in Convenience
    • Rack Prices
    • Sponsored Content
    • Videos
    • Webinars / Digital Events
    • White Papers
  • Events
    • 2021 Chain of the Year
    • Convenience Directions
    • NAG Convenience Conference
    • Young Executive Organization
  • Join
    • National Advisory Group
    • Safe Shop Assured
    • Young Executive Organization

Results of Data Security Study Announced

By CSD Staff | January 13, 2011

Share

The National Retail Federation (NRF), a retail trade organization, and First Data Corp., a provider of electronic commerce and payment processing, have released results from a research study of data security and fraud prevention strategies practiced at small to mid-sized retailers.

Most of the retailers surveyed had annual sales of less than $100,000. The analysis was revealed during the NRF Big Show 2011.

An overwhelming majority of respondents (86%) stated they care about keeping their customer card information secure and feel payment card data security is important to their business. But almost two-thirds (64%) believe that their business is not vulnerable to credit/debit card data theft and 60% are unaware of the costs they could incur in the event of a breach.

PCI Awareness and Liability

While two-thirds (66%) of respondents to the survey claimed awareness of the Payment Card Industry Data Security Standard (PCI DSS), only 49% of respondents had completed a self-assessment at the time of the survey. Among those who had heard of PCI DSS; however, 42% did not know that merchants are obligated to conduct the self-assessment annually and 41% had not heard of the recent change in regulations.

The survey also showed there appears to be some confusion among retailers regarding the liability costs in the event of a data security breach. More than 60% of these smaller merchants did not realize that credit card companies are authorized to fine their business a per-card fee for every card that has to be canceled if it is determined that they are the source of a data breach.

According to the 2009 U.S. Cost of a Data Breach Study by the Ponemon Institute, the average cost for merchants coping with a data breach in 2009 rose to $6.7 million with the cost per customer record breached estimated at $204.

Data Security and Fraud Prevention Strategies

Most of the specific data security and fraud prevention practices cited in the survey were familiar to the majority of respondents with several of the strategies already integrated into their business operations.

Restricting physical access to cardholder data and using anti-virus software were the two most frequently reported protection methods (76%). Other practices toward the top of the list were restricting access to cardholder data by business need to know (67%); developing and maintaining secure systems and applications (64%); and maintaining a policy that addresses information security (63%). Of those who electronically-store cardholder data, 68% also take steps to protect that data and 53% use encryption technology.

Experience with Fraud and Security Incidents

More than 4% of respondents reported having been a victim of any one type of fraud listed in the survey. Although the percentage appears low, it equates to a potential one million small businesses being impacted. The latest Federal data estimates there are approximately 24.6 million small businesses currently operating in the U.S.

Physical theft or tampering with terminals and computer viruses, including malware, were the top two fraud and security incidents experienced by respondents at 37% and 22%, respectively. Employee misuse or theft of card data accounted for another 17% of incidents.

“Our survey results illustrate that smaller retailers take protection of their customers’ sensitive payment card data very seriously and continue to add more layers of security to their business operations,” said Mark Herrington, senior vice president of Global Product Management and Innovation, First Data. “The finding we found most intriguing was the confusion around the potential liabilities in the event of a data breach. We’re confident that continued education in the payments industry will raise awareness of the importance of annual self-assessments and the right mix of data security and fraud prevention tools.”

Data from the Small Business Data Security Study was fielded online from Oct. 26 to  Nov. 19, 2010. The majority of survey respondents (89%) represented less than $500,000 in payment card sales annually through both card-not-present (CNP) and in-person transactions. A total of 651 small and mid-sized merchants completed the survey.

Related Articles Read More >

C-Store Investments into Foodservice Prove to be Beneficial
Acumera and Reliant logos
Acumera Acquires Edge Computing Solutions Provider
Sheetz Offers Fourth of July Fuel Discount
Cubby’s Grows Foodservice Footprint
Safe Shop Assured

CStore Decisions Newsletter

Sponsored Content

  • Create Some Positivity at the Pump: 3 Ways to Fuel Customer Experiences
  • How Minuteman Food Mart Ensures a Consistent Customer Experience Across 44 Stores
  • Three Challenges Disrupting C-Store Operations and How to Overcome Them
  • Why Wait? Converting to E15 is easy.
  • It’s time you profited from your checkout line

Get the Magazine

Subscribe Now!
Subscribe Now!

Manage Current Subscription
CStore Decisions
  • New CSD Print Subscription
  • Manage current print subscription
  • CBD Retail Trends
  • CStore Products
  • NAG Convenience Conference
  • Convenience Directions
  • Rack Prices
  • Subscribe to CSD’s E-Newsletter
  • About CStore Decisions
  • Advertise

Copyright © 2022 WTWH Media LLC. All Rights Reserved. The material on this site may not be reproduced, distributed, transmitted, cached or otherwise used, except with the prior written permission of WTWH Media
Privacy Policy | Advertising | About Us

Search CStore Decisions

  • Home
  • Today on CSD
  • Categories
    • CBD
    • Foodservice
    • Fuel & Gas
    • Health & Beauty
    • Independent Operators
    • Operations & Marketing
    • Technology
  • CStore Playbooks
    • Alcoholic Beverage Playbook
    • Candy Playbook
    • CBD Playbook
    • Foodservice Playbook
    • Technology Playbook
    • Tobacco Playbook
  • Products
    • 2022 Hot New Product Contest
    • Hot New Products Contest
    • Beverages & Cold Vault
    • Candy, Gum & Mints
    • Snacks
    • Tobacco
  • Resources
    • Digital Issues
    • Research & Downloads
    • Podcasts/How To Series
    • On Location
    • FAQ
    • 2022 Top 111 Chains
    • Leaders in Convenience
    • Rack Prices
    • Sponsored Content
    • Videos
    • Webinars / Digital Events
    • White Papers
  • Events
    • 2021 Chain of the Year
    • Convenience Directions
    • NAG Convenience Conference
    • Young Executive Organization
  • Join
    • National Advisory Group
    • Safe Shop Assured
    • Young Executive Organization