FAS is one of the very few systems in the floral industry to have ever
been certified for PCI compliance. FAS was originally certified for
PCI compliance back in 2009. FAS's PCI compliance was recertified in 2015
by the Payment Card Industry Security Standards Council.
More recently, FAS has raised its own security standards by incorporating the
latest EMV chip card credit card security technology into its systems.
card devices facilitate end-to-end encryption which guarantees that credit card
data is instantly encrypted when the card data is swiped, dipped (chip),
tapped (smart phone), or keyed, and that the data remains encrypted.
Tokenization is a process that involves substituting a token--a string of letters and
numbers--that represents the actual credit card data. These technologies
remove virtually any possibility of a data breach in your shop because text
credit card data never exists in the memory or on the hard disk drive of your
server or workstations. The secure chip card reader allows you to process the
chip on a credit card, swipe the magnetic strip on an older legacy card, and accept
contactless payments from customers' smart phones using Apple Pay and Android Pay.
This new technology represents the highest level of data security and functionality
available in the credit card industry, and these benefits are available at low,
fair, transparent pricing.
More recently FAS has been working with some of the industry's leading floral
website vendors to bring the same encryption and tokenization available in FAS
to the websites themselves. Websites represent one of a florist's greatest
vulnerabilities to a data breach. FAS provides the most comprehensive level
of data security available to a florist.
As you browse around the Internet you'll see some other floral software vendors
dismiss PCI compliance, chip card processing, contactless payments, and the
tokenization and encryption technologies as not being important to florists,
because florists "don't have many in-store transactions". However, the
tokenization and encryption are equally important for securing credit card
data taken over the phone. These statements are simply an indication that
these vendors don't understand the great risks associated with data security;
that they don't understand these technologies; and clearly, that their systems
do not include these technologies.
Most small businesses could not survive a data breach. A recent study by IBM
revealed that the average breach involved just over 24,000 records--not the millions
of records that make the news headlines. The average remediation cost to a
breached business is about $141 per stolen record, making the average cost of
a breach about $3.5 million! And it is the merchant--not the software provider
or the website provider--who is responsible for the breach. You simply cannot
afford to gamble with the very existence of your business by using systems
that are not proven to be secure.