You may be cool, but you’re not James Bond cool. And that’s
okay, because odds are, if you’re reading this article, you’re not an
international spy with a cache of high-tech secret weapons either. But that
doesn’t mean you don’t have a huge responsibility to protect your customers and
your business against a multi-billion dollar, international cybertheft
industry. You do.
You’re probably thinking, “…who me? Little old me, with my
small local business? Surely I can’t be held responsible for the $36,000 per minute
fraud industry.” But unfortunately, you are responsible for fraud and data
security at your business if you accept credit cards. It's in the fine print of
your merchant agreement, regardless of which payment processor you use.
Credit card fraud protection is a big responsibility. But
with some knowledge and the right support from your payment processor, you can
become part of the defense team instead of an unwitting accomplice. Read on to
learn more about the risks and consequences of fraud and data theft and how to
put a stop to it.
The risks of a data compromise
Fraud is generally the result of data theft. It all starts
when a thief steals the sensitive data and cardholder information from a
payment card. Sometimes, this happens by stealing the actual card itself. But
more often, it happens by stealing the sensitive data when it’s exposed during
or after a payment transaction. This is known as a data compromise.
There are several ways to steal card data and thieves are
constantly working to improve their craft, so their methods change with high
frequency. But in general, thieves hack into or install malware on a vulnerable
payment system and create a secret virtual doorway where they can extract the
data being pushed through the system during transactions. The length of time
that doorway is left open and the volume of cards the business is processing
determines how many records are stolen. The longer it takes the merchant to
realize they have been compromised, the more damage occurs. The now infamous
Target data breach of 2013, for example, took place over the course of 17 days
and resulted in about 110 million compromised cards.
Other popular methods of stealing data include installing
skimmers at ATMs or gas stations so that when a payment card is swiped, the
data is collected and copied to a hacker’s database or data
repository.Additionally, some older payment solutions store sensitive data in
the system to be used for future transactions like tip adjustment or recurring
transactions. That data is vulnerable to theft as well, and could be stolen
long after the transaction was made.
Once the hacker has the data, it is either sold raw on the
black market to other fraudsters, or used by organized crime rings to operate
large scale fraud operations to create counterfeit cards, steal merchandise,
and/or create fake identities. Regardless of who ends up with the data, the end
result is usually fraud.
Fraud is the theft of actual goods and services as opposed
to data. But like data theft, fraud takes many different forms, is constantly
evolving, and is often highly organized and funded by large crime rings.
The consequences of data theft
The consequences of data theft are many, starting with
public embarrassment and loss of consumer trust, and oftentimes ending with the
closure of the business. In fact, research suggests that 60 percent of small
businesses close within six months of a data breach, in part because 69 percent
of consumers are hesitant to do business with a breached organization. With the
other part owing to the devastating fines, fees, and penalties involved in a
data breach.
While a small business won’t suffer the same magnitude of
financial loss as a major retailer like Target, with their $39 million
settlement, they don’t usually have the sheer volume and market penetration
needed to overcome such a loss either.
The cost of a data breach largely depends on the industry,
the cause of the breach, and the number of records stolen. The longer it takes
to detect a breach, the greater the cost. The 2016 Ponemon Institute Data
Breach Study found that a breach costs an average of $158 per stolen record,
and more specifically, $172 per record for the retail industry. If you consider
how many transactions you ran during the same time period that Target was
compromised, 17 days during the biggest shopping season of the year, you might
start to get an idea of how deeply a breach could affect you. But don’t forget
to take into account that Target has massive IT infrastructure and detected the
breach themselves—a scenario unlikely for most small businesses that tend to
experience breaches that go undetected for significantly longer periods.
Fraud also has a major financial impact on small businesses.
Up until October 2015, card issuers had liability for fraudulent transactions.
But since then, a new card processing technology was adopted in the U.S. called
EMV (Europay, MasterCard, Visa) and the card brand networks shifted liability
from issuers to merchants for in-store fraud involving a chip card. Today, if a
merchant doesn’t process a credit or debit card that has a data chip using an
EMV-enabled terminal, and the transaction ends up being fraudulent, the
merchant pays in the form of lost goods and/or services, plus the chargeback
and related fees. And since the majority of cardholders now have at least one
chip card in their wallets, merchants processing these cards without EMV
terminals have a high likelihood of seeing a sharp increase in chargebacks.
The potential fraud losses of a business without EMV
technology depends on the volume of business they transact and the average
ticket price of their merchandise or services. The LexisNexis 2016 fraud report
found that every dollar of fraud costs U.S. merchants $2.40, and that
fraudulent transactions happen up to 206 times per month on average.
The payment fraud solutions
Now that we’ve discussed the various fraud and security
threats to small businesses and their possible consequences, we can get back to
the discussion of how to outfit your business with security tools that would
put a smile on James Bond’s face.
Fighting fraud and data security threats requires a
four-part strategy: maintaining compliance with PCI data security standards to
help prevent a data breach; protecting sensitive data with encryption and
tokenization technology while processing transactions; processing chip cards
with EMV-enabled terminals; and investing in a breach protection solution to
help cover the costs if a breach does occur.
But the part that will put a smile on your face is that
Vantiv takes care of all of that for our merchants. We put all of those tools
and technologies into one affordable service so that you don’t have to
moonlight as a secret agent in order to avoid the pain and aggravation of fraud
and data compromise.
Not a Vantiv merchant? Ask your payment provider about their
security offerings to see if they stack up. Or, contact us for more information
about how we can help your business get and stay secure.
#Creditcard #creditcardfees #creditcardwasted
#creditcardprobs #creditcardpoints #creditcardknife #creditcardsaccepted
#creditcardbidding #creditcardtips #creditcardcompany #creditcardrewards
#creditcardperks #creditcard #creditcardwallet #creditcardsprocessing
#creditcardpromotion #creditcardfraud #creditcardoffers #creditcardprocessing
#creditcardcompanies #creditcardproblems #creditcarddebtfree #creditcardteam
#creditcardissues #creditcarddoodle #creditcardstatement #creditcardoffer
#creditcardsales #creditcards #creditcardacceptance
Comments
Post a Comment