Blog Series – “The Top 15 Reasons To Use Biometric Technology In Workforce Management And Retail Point Of Sale”
Leading up to our participation in the National Retail Federation’s 2011 “Retail’s Big Show” from January 9 – 12 in New York city, M2SYS Technology is publishing a blog series on the top 15 reasons that biometrics is a smart choice for retail organizations to consider as an authentication technology in workforce management and retail point of sale applications.
In case you missed it, here are the links to our prior posts in the series:
Reason #1 – Stop Buddy Punching
Reason #2 – Increase Productivity
Reason #3 – Enhance Loss Prevention
Reason #4 – Establish Accountability
Reason #5 – Going Green
Reason #6 – Build Customer Loyalty
Reason #7 – Achieve Higher Return On Investment
Reason #8 – Airtight Access Control
Reason #9 – Solidify Role Based Security
Reason #10 – Boost Operational Efficiency
Reason #11 – Peace Of Mind
Reason #12 – Increase Speed
And now on to our next post…
Reason #13 – PCI Compliance
Personal Card Industry (PCI) Compliance
PCI Compliance requires any merchant (no matter how big or small or regardless of the number of transactions) that accepts, transmits or stores customer credit card data to maintain a secure environment. The PCI Data Security Standard (PCI DSS) is a set of requirements designed to help businesses understand how to maintain a secure environment and the PCI Security Standards Council (PCI SSC) is an organization that was founded to manage the ongoing evolution of the PCI security standards with focus on improving payment account security throughout the transaction process. Created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB) PCI SSC is responsible for administering and managing the PCI DSS requirements but the payment brands are ultimately responsible for enforcing compliance.
Merchants are grouped into “levels” based on their credit card volume over a one year period. In order to satisfy the PCI requirements, merchants must follow a series of steps which entail classification of validation type, completion of a self-assessment questionnaire, completion and collection of evidence for a passing vulnerability scan with a PCI SSC Approved Vendor, completion of the relevant Attestation of Compliance and submission of the information to the merchant’s acquirer. Whew, did you get all that? For a complete list of requirements, visit the PSI SSC FAQ section of their Web site here which details parameters of PCI compliance and provides a wealth of information on the rules, regulations and resources available to merchants.
Biometric Technology Offers Unsurpassed Security
In a September 2009 Banking Information Security Blog Post, Mike D’Agostino pondered what would happen if eventually biometric technology became the payment channel industry standard, replacing plastic credit and debit cards. He argues that:
“The issue is that PCI Compliance addresses security implications not completely reliant on payment cards. Building and installing firewalls, encrypting data in transmission, tracking and monitoring network resources…these are all things that ANY operation dealing with sensitive data should be practicing, not just those dealing with payment card data.”
He goes on to say that the future of PCI Compliance must include a discussion of a time when plastic credit cards are no longer the standard protocol for authenticating and performing transactions. Furthermore, instead of focusing on payment card data security, the industry should instead be focusing on data security at an aggregate level, an area where many businesses are weak and need to invest in modernized technologies such as biometrics to strengthen their overall security.
As we have been stressing in this blog series, biometric technology offers merchants an opportunity to incorporate a level of authentication security that is unsurpassed in the industry. Biometrics relies on physiological characteristics (fingerprint, finger vein, palm vein, iris recognition, etc.) to identify an individual’s identity rather than something you know (personal identification number or PIN) or something you have (credit or debit card). Due to the fact that anyone can steal your credit or debit card and obtain your PIN for fraudulent transactions, biometric technology is the only true way to identify someone with near absolute certainty. It is virtually impossible to steal a biometric characteristic to use fraudulently and there is no other authentication technology on the market that can claim to offer the level of security than biometrics. This is why the future of bulletproof transactional authentication is tied to widespread adoption of biometrics and with the modern flexibility that the technology offers, biometric systems can be tailored and customized to fit with just about any merchant’s unique needs.
Test The Waters Of Biometric Technology Risk Free
You may be wondering if biometrics is the right fit for you but worry that an investment in biometrics would necessitate a risky, large capital investment. The good news is that you can test drive a biometric identification system for workforce management or retail point of service environments on a 30 day free software trial with M2SYS Technology by making a small investment in the biometric hardware. This allows you to obtain the biometric system, implement it and test it out before paying for the software component. We want to ensure that you are comfortable with the system and understand its capabilities before you permanently adopt it for your business.
If you would like to explore the option of implementing a biometric identification system for your business, please contact us for more details and a free price quote.
Have you struggled with PCI Compliance? What are some of the specific challenges you have faced? Share your stories in our comments section.