Skip to main content

Can you spot the payment security threats to your business?


Regardless of the type of business you operate, if you accept credit or debit cards, you’re responsible for protecting your customers’ sensitive data from theft and misuse. If you don’t you could experience a data breach, fraudulent transactions, more chargebacks, penalty fines from the major credit card brands, legal fees, and more. The threats your business faces on a daily basis aren’t always obvious, especially if you don’t know where to look, or what to look for. Take a quick break to test your ability to spot potential threats to this fictional coffee shop. Can you find all four?

This average quick service restaurant scene probably doesn’t scream “security vulnerability” to you at first glance. But as demonstrated in the challenge above, just because security threats don’t announce themselves with a giant warning sign and caution tape, doesn’t mean they aren’t there. The same is true for your own business. Things you don’t necessarily notice, but encounter every day, actually pose serious threats to your business. So, how can you spot and eliminate threats at your business? Let’s walk through the basics.

Protecting systems
The basic security protocols for your personal computer apply to your business systems as well. Good system hygiene includes virus scanning and protection software, strong password protocols, and firewalls.  Businesses also need to consider the vulnerabilities remote access presents since it’s common to use a third party vendor who may need access to all or part of your business system from time to time. Best practices for remote access are to limit access to business crucial tasks, assign one password per user, and to always close the access point when no longer immediately needed.

It’s also prudent to regularly inspect your credit card terminals to ensure they haven’t been tampered with. Skimming devices are popular among fraudsters who collect credit card data by installing their own magnetic stripe reader on your terminal to steal data as you’re processing transactions.  Skimmers often mimic the legitimate swiper, fitting on top of or inside of it without drawing attention to itself.  Physically checking the integrity of your card reader is a good idea. Alerting your staff to popular fraud tactics like skimming can help you foster vigilance among employees which is an important aspect of merchant card data security and anti-fraud measures.

Adhering to PCI compliance regulations is a great way to keep your systems secure and free from tampering by hackers and fraudsters. The PCI counsel has identified 12 crucial steps, including the few discussed above, to help merchants protect themselves. And PCI compliance assistance programs make it even easier to ensure that you’re maintaining compliance and closing all potential vulnerabilities to fraud.

Protecting credit card transactions
Every time you run a transaction, you’re exposing payment data to the possibility of theft.  If you’re not using an encryption technology, the moment you swipe a card, the card number is exposed in the system and therefore can be stolen if a hacker breaches your system.  The card number and sensitive data needed for authorization is at risk while the transaction is being processed and returned with an authorization or decline. But POS systems and credit card terminals can have encryption technology built-in, so that the card number is instantly and perpetually masked with characters and symbols that have no value to the thief.

Similarly, some business operations require a card to be kept on file for future transactions like tip adjustment and recurring payments.  Tokenization works similarly to encryption, but is used to mask real card numbers at rest in the POS system or terminal.

EMV technology protects transactions from fraud.  If you accept a chip-based credit card without an EMV-enabled terminal, you could be liable for any fraud that occurs as a result.  When you use EMV, a cloned or counterfeit credit card will not work since the data needed to complete the transaction resides in the chip and is theoretically impossible to duplicate. 

Protecting cardholders
Everything we’ve discussed to this point is ultimately about information security and protecting cardholders. Being aware of the dangers of exposed credit card information is crucial to securing your business from fraud and theft. Seemingly harmless actions like having new hire candidate resumes with their personal information exposed in a pile on the countertop exposes personal data to potential criminals. Similarly, viewing a customer profile with sensitive data in view of other customers is risky behavior that should be discussed and avoided.

Your employees have access to most of the fraud strategies we’ve discussed in this article. Have you performed background checks to ensure you have a trustworthy staff? Have you spoken to them about the importance of keeping cards secure if they must be removed from the customer’s physical presence? Are they trained to recognize the signs of fraud at the POS?  It’s important to create a company-wide policy for these things, and to regularly update it and review it with your staff.

If you need more guidance on how to spot and remedy security threats in your business, give us a call. We have payment security solutions that work for business of all kinds and we can help you implement the right technologies for your business. 
#awepay #awepayawesome #payments #paymentsolutionproviders #paymentsolutions #paymentservices #paymentsmadeeasy  #paymentsystem #paymentsystems #paymentsolution #bankalliance  #bank #SocialMedia #fintech #media #ecommerce #Chatbots #UI #AI #ML #eCommerce #Payments 

Comments

Post a Comment

Popular posts from this blog

Apple Pay is coming to eBay.

As the online marketplace moves away from its official relationship with PayPal, it is moving into new relationships with new providers. As of this fall, Apple Pay will be one of the first new options on its new payment platform, making it possible for customers to either use Apple Pay in eBay’s mobile app, or for web purchases (provided they are using Safari as Apple Pay doesn’t work with Chrome or other browsers). The Apple Pay option will roll out slowly at first — only a small group of select Marketplace customers will get to use Apple Pay in the first phase of its introduction to eBay. The goal, however, is to make the transition to their own in-house payment platform by the end of 2021. The transition marks a definitive split from PayPal. eBay formally parted ways with PayPal in 2015, when it spun out as a stand-alone firm. eBay — as their contractually mandated partnership with PayPal is drawing to a close — is now working with Amsterdam-based company Adyen to...
Post a Comment
Read more

10 ways to protect your customers' credit card data

Accepting credit cards doesn't have to be a constant exercise in paranoia about whether your customers' credit card data is safe or not. Here are 10 solutions for protecting the credit card data of your customers. 1. You can’t go it alone Like anything in life—when there's a lot on your plate, you can't manage it all without help. Card data security, fraud protection and securing your customers’ information in your store is more than a one-person job. It's everyone's job. Get everyone in your business, including your customers, thinking about card data security and fraud at the point of sale. 2. EMV installation You're probably tired of hearing about EMV and chip cards at this point, but if you don't have one, you're putting yourself and your own profits in jeopardy. Chip cards, and the EMV-enabled credit card terminals that can read them, are designed to stop fraud at the point-of-sale. A "forged" card is difficult to pa...
Post a Comment
Read more

A Robust Payment Platform

Owing to the radical evolution of Fintech companies, heightened customer expectations for value-added services, and ever-changing regulatory landscape, the prominence of payment technologies has undeniably risen to new heights. These dynamics are reinvigorating the traditional financial landscape and enabling merchants to tap into the potential benefits of nascent technologies. At the same time, moving away from conventional methods of payments is bringing unprecedented opportunities to carry out international trade for both sellers and buyers. Although the disruption in the payments landscape seems stimulating for global trades, not all ventures gain from them as stringent compliance standards often undermine the use of technologies for cross-border transactions. Enunciating the same, Casey Seow, managing director of AWEpay, mentions that the new breed of technologies is revamping the entire payments space, enabling companies to cater to the untargeted market segments. He f...
Post a Comment
Read more