The goal of the NACS/Conexxus WeCare© Data Security Program is to define a risk reduction program for small operators that is easy to implement and achieves a base level of data security without incurring significant costs. Here you can find resources and information to help you.
NACS/Conexxus WeCare Program Overview This document describes the WeCare© Program, discusses common data security threats, outlines a 9-point plan to improve data security, and provides the reader with additional resources for risk reduction.
Remote Access Compliance and Responsibilities: This Conexxus white paper is written to help educate and inform the retail petroleum industry store operator/small merchant about cybersecurity issues and to help raise awareness about the importance of these issues. It discusses the impact of cyber attacks and the responsibilities of the store operator for the security and compliance of store computing systems, networks, and data with applicable industry standards.
PCI Convenience Store Employee Data Security Training Manual: The protection of payment card data is of critical importance to . If payment card data were disclosed to unauthorized individuals, could face fines due to compliance violations as well as suffer a serious loss of reputation. In recognition of this risk, this policy defines requirements for the protection of payment card data. All employees and contractors are responsible for abiding by this policy. [PCI DSS Requirement 12.4] Failure to comply with this policy is subject to Company disciplinary action.
Protecting Payment Card Data at Your Dispensers: This guide was created with the assistance of Wayne Fueling Systems, Gilbarco Veeder-Root, NACS and concerned Conexxus retail members. This guide is intended to provide informed suggestions to the petroleum retailer on how to enhance the payment card security of unattended payment terminals at fuel dispensers.
SkimDefend Application: Mobile application designed to work in conjunction with WeCare decals to help with detection of potential unauthorized access.
ATM Skimming Detection and Deterrence Guide: Conexxus and the National ATM Council have jointly developed a guide focused on preventing and detecting ATM skimming in a convenience store environment. Skimming is the theft of credit/debit card information by a device placed in, on, or around an ATM. These devices allow criminals to secretly record credit/debit card information (from the magnetic stripe) - for later use in fraudulently producing counterfeit cards. ATM skimming also includes capturing customer PINs associated with the cards using a hidden micro camera that records the PIN digits. Keypad overlays and “shoulder surfing” are other methods. Download the document to read more on why skimming is a threat, what you can do to maintain a safe environment, protective steps you should take, ways to educate your customer, and what to do if you find a skimming device.
Additional data security white papers are available for Conexxus members under the member resources page.