
Credit Card Security Guidelines For Your Firm

Mon, 08/24/2015 - 11:14 -- admin25

by Tracey Gavin

Even with the low risk of credit card fraud in the legal industry, your firm should still adhere to security guidelines. The following is a quick guide to fraud-preventing payment trends:


NFC, or Near Field Communication, payments are made with credit cards stored on smartphones. Charges are made by tapping, waving or simply getting close enough for an NFC credit card machine to read the digital signal from the card.

The benefit to merchants has been debated due to the high cost of hardware. The most popular NFC program is ApplePay, which requires the card holder to be present, or close enough for the credit card terminal to read the signal. This means your firm can only accept ApplePay when a client is in your office. Decide if NFC provides any real cost savings before rushing out to buy a new point-of-sale system. For most traditional law firms, NFC does not make sense as a payment solution because your client must be present for payment.


EMV, or Europay-MasterCard-Visa, sometimes known as “pin and chip,” is a credit card embedded with an electronic chip, and is considered a key security feature in preventing the use of counterfeit credit cards. Similar to NFC, EMV cards are mostly processed by a card machine. EMV technology has been largely focused on mid-size to large retailers.

As a law firm, you have an advantage over traditional retailers because you know the identity of your clients, which drastically reduces the risk of accepting a counterfeit credit card.


PCI DSS, or Payment Card Industry-Data Security Standards, has come to broadly represent overall compliance and security when accepting credit cards. PCI has been required for law firms that accept credit cards since January 2015 and is required by Visa, MC and Discover regardless of the method you choose to accept credit cards (i.e., card present or card not present). PCI is managed through a series of self-assessed security questions. Usually, law firms can reduce the security requirements and protect their firms by implementing a few small changes.

To become PCI compliant, firms should eliminate the need to see, collect or store any credit card data from clients. If no one in your office touches, records or handles a client credit card, or the credit card number, then the risk for card fraud is almost eliminated. With a service like LawPay, this can be done by using a secure web-based system that securely encrypts the credit card. Programs are available to add secure payment links to your website or send electronic invoices directly to clients. Your client may then pay online. These methods also eliminate the need for traditional credit card machines, thus further reducing your risk.

About LawPay

The LawPay program is a custom payment solution designed for attorneys and complies with ABA and state requirements for managing client funds. As a member benefit of the Dallas Bar Association, law firms save up to 25 percent off standard credit card fees. If you are currently accepting credit cards, we encourage you to compare your current processor and its fees with LawPay. To learn more contact (866) 376-0950 or

Tracy Gavin is the Marketing Director for LawPay. She can be reached at
