Restaurant IT Directors Continue to Struggle with PCI Compliance, Survey Shows

When it comes to credit card use in the restaurant industry, operators express a growing concern over protecting both themselves and their customers. But compliance with the Payment Card Industry (PCI) Data Security Standard remains confusing and expensive, they say, and some worry that they're still not doing enough to fully protect cardholders. This is according to a recent survey of restaurant technology executives attending the 2008 Multi-Unit Restaurant Technology Conference, held March 12-14, in Las Vegas. The survey was administered by Merchant Link, a provider of secure credit card transactions and sponsor of MURTEC 2008.

When shown a range of issues affecting credit card transactions (both security-related and non-security related) respondents ranked "security of customer credit card data" as the issue causing them the greatest concern, outranking such issues as the rising costs of payment processing, the level of support from technology providers, and glitches associated with networking. More than two thirds (68%) indicate that customer worries regarding credit card data security have increased over the past couple of years. These increases come in spite of an industry-wide effort to ramp up security and PCI compliance.

While most respondents report that their companies are either compliant with or very knowledgeable of PCI standards, and virtually all consider their restaurants' systems to be secure, more than a third said they still find PCI compliance requirements confusing and expensive.

When asked what steps they would take toward PCI compliance, a majority of respondents indicated they would look for a solution that takes data away from their POS systems and keeps it safe and secure.

This survey reinforces a growing concern regarding security. While these respondents have taken steps to secure their POS systems, they're unsure whether they've done enough to truly protect cardholder data and their company's reputations.

Companies struggling with PCI Compliance can contact the PCI Security Council for assistance, found online at www.pcisecuritystandards.org