Overview

Payment Card Industry Compliance is part of the agreement between the business (merchant) and the card provider and applies to not just large companies but small businesses too. It is not law, but if cardholder data is compromised and the PCI standards have not been followed, it can go against a company in a Data Protection investigation. Managers need to be confident they have effective and sound PCI compliant procedures and train their staff effectively.

This module begins with a straightforward overview of the PCI standard's evolution and allows managers to delve into the PCI 6 goals and 12 requirements to pinpoint any aspects of their business that may require enhancement. Additionally, it provides an opportunity to examine key card providers and how the data present on a card can be utilised to manage payments securely.

A section on processing cards securely begins by enhancing knowledge of how the different types of payment work before leading into a series of activities that develop the understanding of secure practices necessary for cardholder present and cardholder not present transactions.

Another critical aspect of PCI compliance is safeguarding cardholder data and the module explores how this can be done on a day to day basis in the business including SAD data and how a card data breach may occur.

The module finishes with discussing card fraud and how team members can “do their bit” to recognise potential fraudulent cards including checking issuer numbers and holograms along with taking proactive steps to inspect equipment for signs of tampering and skimming.

Key benefits of this module:

• Understand why handling customer card payments securely matters in their role
• Managers: Identify how the PCI requirements are met in their business and take action to improve
• Develop knowledge of the type of information found on payment cards and how it can be used to maintain card security
• Develop knowledge of how payment systems work
• Identify ways to keep card holder data secure when processing card holder present and card holder not present transactions
• Identify actions in the workplace to keep card holder data safe
• Identify ways to minimise the risk of a data breach of card holder data
• Apply checks to cards and equipment to minimise the risk of card fraud
• Increase awareness of customer behaviours during payment which could indicate a fraudulent transaction
• Know where to find further information if want to research further

Format

The course is delivered fully online and is split into five highly interactive sections. Learners will engage with case studies, a video, questions and activities that use real hospitality situations and finish with a quiz to ensure points are remembered and understood. The module may be completed in short sections over a period of time or all at one go! In addition, there are links to websites and documents that can be used to research further learning along with an action plan.

Learning Objectives

By completing this training, Managers will be able to:

• Identify why PCI standards should be followed
• Describe key work procedures to process customer card payments safely
• Explain how customer card data can be kept securely
• Identify how card fraud occurs and implement secure procedures

Accreditation

This module is accredited by the Institute of Hospitality with CPD points

Who Should Take This Course?

This module is designed for Hospitality managers and team members who handle in any customer card data, including restaurant teams, front office teams, accounts teams and managers. It centres on hotels but would also meet the needs of other types of hospitality companies with similar job roles.

Handling Customer Card Payments Securely using PCI Guidelines may contribute to the off job training hours for people undertaking some Level 2 apprenticeships or other customer service qualifications along with Level 3 management qualifications.

The module can be used in conjunction with our 2 modules on Data Protection, A Hospitality Managers Guide to Data Protection or Handing Personal Data in Hospitality – a Guide for Operational Team Members.

Test

At the end of the course, learners complete a 26 question quiz in the same style as the learning activities (drag-and-drop, single choice, multiple choice). The pass mark is 80%, with unlimited retakes available.

Post-Module Action Plan

Our unique action plans can be downloaded from within the module for completion. This module has 2 actions plans, one for managers and one for team members. A series of questions asks people to apply the information in the module to their workplace to identify areas where they can enhance their every day working practices or business to be PCI compliant and handle customers card more securely.

Managers can use the action plans with their team members to ensure their team are fully aware of procedures and to pick up action points for the whole team

In addition, there are links to websites and documents that can be used to research further learning.