Wickes: payment card security is hard to DIY

Wickes: payment card security is hard to DIY


The retailer is upgrading its chip and PIN systems to meet security standards

DIY retailer Wickes is working towards compliance with payment card data security rules by upgrading its chip-and-PIN systems and improving security.

Last year the firm rolled out payments processing software to manage 1,300 tills in 178 stores. But a year on from meeting the chip-and-PIN deadline, the infrastructure does not meet the requirements of the new Payment Card Industry Data Security Standard (PCI DSS) rules.

“Many retailers are annoyed that PCI DSS compliance is coming so soon after chip-and-PIN, and they feel there has not been enough help available,” said Wickes IT business manager Carl Collins.

“It is time-consuming ­ we will have to do the testing and submit the result to Barclays to obtain accreditation.”

Wickes is also addressing network security issues as part of its programme.

“We need to be sure that the network is secure so we are looking at encryption and whether we need to store the data elsewhere, such as in a fraud prevention system,” said Collins.

The final part of the upgrade will be the remote rollout of the upgraded chip-and-PIN infrastructure.

“It will take six weeks from getting the software in a development environment to having to integrate it. Then we must contact the bank for re-accreditation on the new system,” said Collins.