What is behind MPI’s decision to stop the acceptance of preauthorized credit card payments?
Saving money? Apparently, but the savings are coming from the reduced scope of PCI DSS compliance by eliminating cardholder data storage (according to CBC reporting). We are all used to some “small P” politics around compliance, but not too often is PCI DSS compliance a “big P” Political issue!
“As payment card industry standards continue to evolve, the cost to all MPI ratepayers to continue to offer this payment option would be prohibitive,” Brian Smiley said in a written statement. In a statement, Crown Services Minister Colleen Mayer said the change was approved by cabinet for security reasons. “Ultimately, the proposal that Manitoba Public Insurance brought forward was one aimed at ensuring the sensitive financial data of ratepayers is protected and it is one we agree with,” she said. “Prior to this change, Manitoba Public Insurance was storing credit card data electronically, creating undue risk for serious data breaches where this data could be unwillingly shared and compromised,” Mayer said. “Our government believes this move is better for ratepayers in terms of financial security and will save money in the long run.”
Ad below this line: