New Payment Processing Regulations to Affect Restaurants
Identity theft and credit card fraud have become growing concerns among restaurant operators. With easier access to online information, social security numbers and other data, credit card and identity thieves have an easier time these days. The PCI DSS (Payment Card Industry Data Security Standard), a set of comprehensive requirements for enhancing payment account data security, was developed and voluntarily adopted by various credit companies, including Mastercard, Visa, American Express and other financial institutions, to help facilitate broader adoption of consistent data security measures.
These requirements, organized by phases, went into effect earlier this summer. They include installing and maintaining a firewall configuration to protect cardholder data; not using vendor-supplied defaults for system passwords and other security parameters; protecting stored cardholder data; using and regularly updating anti-virus software; developing and maintaining secure systems and applications; restricting access to cardholder data by business need-to-know; assigning a unique ID to each person with computer access; restricting physical access to cardholder data; tracking and monitoring all access to network resources and cardholder data; regularly testing security systems and processes; and maintaining a policy that addresses information security.
These new requirements could affect the way point-of-sale (POS) systems work with consumers' debit cards, among other aspects of restaurant operations, according to Robert Bertke, senior vice president for product development at Sage Payment Solutions. For example, from now on POS devices may need to capture a 4-digit PIN number on a debit card, and restaurant owners must ensure that their card readers are PCI PED compliant or risk fines and fees from processors.
In addition, more advanced software has been introduced to the restaurant industry, including technology with advanced labor reporting and menu tracking capabilities, Bertke said in published reports. Some of this software can also prevent "skimming," or the recording of credit card data by employees. However, since the July 1 deadline, all software transmitting cardholder data has to be certified under PCI guidelines.
And, as technology that allows customers to pay checks at their table becomes more common, the wireless devices used will also have to comply with these PCI standards.