Training for Credit Card Handling

Retailers have to manage credit card security for not only card present transactions, but also card not present transactions — and each comes with its own set of risks.

Criminals use a variety of strategies to steal data — everything from compromising the card reader, to installing hidden cameras, and infiltrating the payment system using malware. Understanding these risks and following PCI DSS best practices is key to protecting cardholder data.

Weak PCI training caused two leading, well-known retailers to compromise 40 million and 56 million credit cards in 2013 and 2014, respectively. In fact, according to a Verizon report on PCI DSS compliance, a staggering 80% retailers fail at the interim assessment.

This PCI DSS course is designed especially for retailers — and it’s more than just a generic course on secure credit card handling. The course contains four core modules:

  1. Introduction to PCI DSS
  2. Card Present Environment
  3. Card Not Present Environment
  4. Advanced Topics

The topics that the user sees will depend on the role they perform. For example, if the user selects the role “Handling both in-person and other forms of transactions,” he/she will see modules 1, 2 and 3 but not module 4. If he/she selects “Playing a leadership role in securing in-person transactions,” he/she will see modules 1, 2, and 4, but not module 3. The first topic will always be visible to all users.

As a result, depending the user’s role, the user will learn the following:

  • The basics of PCI DSS
  • Who the payment card players are
  • What is Cardholder Data (CHD) and Sensitive Authentication Data (SAD)
  • How criminals steal payment card data
  • The different PCI DSS requirements
  • Payment card security features
  • How to accept card present and card not present payments
  • How to protect payment devices
  • How to identify suspicious customer behavior
  • Best practices for e-commerce transactions
  • Cyber security best practices
  • How to spot terminal tampering

Global Learning Systems’ PCI for Retail self-paced modules feature the essential knowledge your employees need for safe credit card handling during transactions  to keep card data protected. Upon completion of the course, learners will be able to:

  • Identify the PCI-DSS requirements that apply to retail interactions with customers
  • Recognize payment card security features
  • Describe common fraudulent practices
  • Explain how to securely process card present transactions and card not present transactions
  • Describe how to identify and respond to suspected payment card fraud
  • Recognize cyber security practices to secure sensitive data

The GLS PCI for Retail training covers all awareness topics recommended for employees and management by the PCI Security Standards Council.

Duration: 5-7 minutes per module