Boxoffice® Pro - February 2014

EXECUTIVE SUITE
UPCOMING EVENTS
2014 UDITOA Annual General
Membership Business Meeting &
Convention
Feb. 3–6
CinemaCon 2014 Mar. 24–27
National Assoc. of Broadcasters
(NAB) Conf. & Exhibition
Apr. 5–10
NATO of Pennsylvania Apr. 23
NATO of CA/NV Southern
California Film Product Seminar
Apr. 24
North Central States NATO 2014 Apr. 29–30
NATO of CA/NV Northern
California Film Product Seminar
TONE 2014 Future of Cinema
Conference
Mid-Atlantic NATO “Cinema Show
& Tell”
Apr. 29
May 7
May 13–14
ShowCanada 2014 June 3–5
Cine Europe 2014 June 16–29
NAC Convention & Trade Show
2014
July 15–18
ShowSouth 2014 Aug. 19–20
Geneva Convention 2014 Sept. 9–11
CineShow 2014 Sept. 16–17
Kino Expo International
Convention & Trade Show 2014
NATO General Membershp and
Board of Directors Meeting
Sept. 22–26
Sept. 30–Oct. 1
Rocky Mountain NATO 2014 Oct. 7–9
Australian International Movie
Convention 2014
Oct. 12–16
ShowARama Oct. 14–16
ShowEast 2014 Oct. 27–30
CineAsia 2014 Dec. 9–11
data breach, preparation and knowledge are your best allies. First,
ask your current point-of-sale (POS) provider if it is PCI compliant.
According to the website www.pcicomplianceguide.org, the Payment
Card Industry Data Security Standard (PCI DSS) is a set of requirements
designed to ensure that all companies that process, store, or
transmit credit card information maintain a secure environment.
This pertains to any merchant that has a Merchant ID (MID). The
Payment Card Industry Security Standards Council (PCI SSC) was
launched on September 7, 2006, to manage the ongoing evolution
of the Payment Card Industry (PCI) security standards with a focus
on improving payment account security throughout the transaction
process. The PCI DSS is administered and managed by the PCI SSC
(www.pcisecuritystandards.org), an independent body that was created
by the major payment card brands (Visa, MasterCard, American
Express, Discover, and JCB).
What does all that mean? It essentially means that as a merchant
accepting card purchases, you should be PCI compliant. Failure to
meet such compliance can result in significant fines levied against
your business. A great resource for advice already exists in one of your
current business partners: your POS and card-processing providers.
These people know more about this issue than you’ll ever want to
know. If Jeopardy! only surveyed competitors about card processing,
these folks would annihilate 74-time champion Ken Jennings. Or
if you’re serenading Roxanne under the balcony with songs of data
systems, then you want these people to be your Cyrano. You get the
idea.
Another resource is your local law enforcement. They are trained
to detect and identify fraud and theft systems, especially at the
small-business level. George Rouman knows his local sheriff very
well, and he discovered there are many ways to steal a customer’s card
information. It could happen through the aforementioned skimming
technique, or simply by an employee taking a smart phone photo of
a credit card. This is not to suggest that your loyal and adorable employees
are potential criminals. It merely highlights the methods that
thieves use to gain access to your system and customer information.
The more you know, the better you can detect irregularities.
A card technology system soon to be adopted in the United
States may provide improved security for consumers and merchants.
The smart card technology, used widely in Europe, is considered
safer than magnetic-strip cards. You may know them by their more
sexy title: EMV (Europay, MasterCard, and Visa—the three major
companies developing the security technology). According to the
Minneapolis Star Tribune—Target’s hometown newspaper, for those
of you scoring at home—the retail superstore wanted to experiment
with chip-based smart cards. Other retailers, however, didn’t follow
suit with Target. Leave it to the Americans to thoroughly dismiss a
European solution to the problem. These chip cards employ a feature
called “dynamic data,” in which the system automatically alters the
account information in a unique way each time a customer swipes
his or her card. That would make the card unusable to anyone but
the customer. Target installed readers at all its stores, but ultimately
pulled the plug because competitors stuck to the old system (mostly
because the technology made for slower checkout lines). I think
there’s an apropos line to use here about all your friends jumping off
the Brooklyn Bridge.
Simply put, any theft against us proves a jarring situation, and
data security breaches are no different. It leaves us feeling vulnerable
and exposed to potential losses—funds, personal information, and
more importantly, confidence. Our patrons place considerable trust
in cinema operators to protect their information when they use cards.
NATO encourages you to use the available resources and prepare your
card-processing systems against potential theft. Credit/debit cards and
wireless transactions multiply every day, so it’s incumbent upon us to
adapt to these evolving risks.
12 BoxOffice ® Pro The Business of Movies FEBRUARY 2014