Skip to main content

Can you spot the payment security threats to your business?


Regardless of the type of business you operate, if you accept credit or debit cards, you’re responsible for protecting your customers’ sensitive data from theft and misuse. If you don’t you could experience a data breach, fraudulent transactions, more chargebacks, penalty fines from the major credit card brands, legal fees, and more. The threats your business faces on a daily basis aren’t always obvious, especially if you don’t know where to look, or what to look for. Take a quick break to test your ability to spot potential threats to this fictional coffee shop. Can you find all four?

This average quick service restaurant scene probably doesn’t scream “security vulnerability” to you at first glance. But as demonstrated in the challenge above, just because security threats don’t announce themselves with a giant warning sign and caution tape, doesn’t mean they aren’t there. The same is true for your own business. Things you don’t necessarily notice, but encounter every day, actually pose serious threats to your business. So, how can you spot and eliminate threats at your business? Let’s walk through the basics.

Protecting systems
The basic security protocols for your personal computer apply to your business systems as well. Good system hygiene includes virus scanning and protection software, strong password protocols, and firewalls.  Businesses also need to consider the vulnerabilities remote access presents since it’s common to use a third party vendor who may need access to all or part of your business system from time to time. Best practices for remote access are to limit access to business crucial tasks, assign one password per user, and to always close the access point when no longer immediately needed.

It’s also prudent to regularly inspect your credit card terminals to ensure they haven’t been tampered with. Skimming devices are popular among fraudsters who collect credit card data by installing their own magnetic stripe reader on your terminal to steal data as you’re processing transactions.  Skimmers often mimic the legitimate swiper, fitting on top of or inside of it without drawing attention to itself.  Physically checking the integrity of your card reader is a good idea. Alerting your staff to popular fraud tactics like skimming can help you foster vigilance among employees which is an important aspect of merchant card data security and anti-fraud measures.

Adhering to PCI compliance regulations is a great way to keep your systems secure and free from tampering by hackers and fraudsters. The PCI counsel has identified 12 crucial steps, including the few discussed above, to help merchants protect themselves. And PCI compliance assistance programs make it even easier to ensure that you’re maintaining compliance and closing all potential vulnerabilities to fraud.

Protecting credit card transactions
Every time you run a transaction, you’re exposing payment data to the possibility of theft.  If you’re not using an encryption technology, the moment you swipe a card, the card number is exposed in the system and therefore can be stolen if a hacker breaches your system.  The card number and sensitive data needed for authorization is at risk while the transaction is being processed and returned with an authorization or decline. But POS systems and credit card terminals can have encryption technology built-in, so that the card number is instantly and perpetually masked with characters and symbols that have no value to the thief.

Similarly, some business operations require a card to be kept on file for future transactions like tip adjustment and recurring payments.  Tokenization works similarly to encryption, but is used to mask real card numbers at rest in the POS system or terminal.

EMV technology protects transactions from fraud.  If you accept a chip-based credit card without an EMV-enabled terminal, you could be liable for any fraud that occurs as a result.  When you use EMV, a cloned or counterfeit credit card will not work since the data needed to complete the transaction resides in the chip and is theoretically impossible to duplicate. 

Protecting cardholders
Everything we’ve discussed to this point is ultimately about information security and protecting cardholders. Being aware of the dangers of exposed credit card information is crucial to securing your business from fraud and theft. Seemingly harmless actions like having new hire candidate resumes with their personal information exposed in a pile on the countertop exposes personal data to potential criminals. Similarly, viewing a customer profile with sensitive data in view of other customers is risky behavior that should be discussed and avoided.

Your employees have access to most of the fraud strategies we’ve discussed in this article. Have you performed background checks to ensure you have a trustworthy staff? Have you spoken to them about the importance of keeping cards secure if they must be removed from the customer’s physical presence? Are they trained to recognize the signs of fraud at the POS?  It’s important to create a company-wide policy for these things, and to regularly update it and review it with your staff.

If you need more guidance on how to spot and remedy security threats in your business, give us a call. We have payment security solutions that work for business of all kinds and we can help you implement the right technologies for your business. 
#awepay #awepayawesome #payments #paymentsolutionproviders #paymentsolutions #paymentservices #paymentsmadeeasy  #paymentsystem #paymentsystems #paymentsolution #bankalliance  #bank #SocialMedia #fintech #media #ecommerce #Chatbots #UI #AI #ML #eCommerce #Payments 

Comments

Popular posts from this blog

12 Startups Utilizing Blockchain Technology in New Ways

Author: Awepay Cryptocurrency created quite the buzz this past year. Although the technology has been around for a few years, 2017 was the year it really took off. Bitcoin, the first application of cryptocurrency technology, hit $20,000 a coin, while coins like Ethereum also saw their prices increase. However, the technology behind these tokens, blockchain, has far more applications than just cryptocurrencies. Through a network of smart contracts that operate utilizing decentralized information on a ledger, blockchain is able to provide unmatched security and speed for data transfers. This means that blockchain technology has an application in nearly every industry where value is exchanged. For this reason, many startups have started to explore how this technology can change the way the world works. Here are twelve of those startups, each of which are utilizing blockchain technology in new ways. Related: 10 Reasons Why Good Customer Service Is Your Most Important Metric ...

4 Trending Digital Payment Methods: Is Your Business Ready For Them?

Businesses and consumers alike are interested in faster, safer, and more convenient payment methods. Are you ready to go digital?   Demographics across the world are shifting. Millennials are now the most diverse and prominent generation in the US population.   As a generation heavily influenced by technology, their buying habits and expectations are all formed via the immediacy that smartphones, Internet, and modern conveniences engender.   Businesses and consumers alike are interested in faster, safer, and more convenient payment methods, as cash is becoming obsolete and credit cards are being phased out. Mobile and social payment options could be the future of millennial-driven purchasing, creating the sort of instant gratification that millennials expect.   Here are a few trending digital payment methods that Millennials will prefer to use in the coming year.     1. Mobile In-Store Payments & Apps...

EMV transactions: Is it time for you to upgrade?

Even if your business has not yet adopted an EMV-enabled solution, you’re probably somewhat familiar with the technology since it's among the most talked about developments in payments. EMV has proven to be an effective tool to fight card present payment fraud in Canada and many European countries. While EMV is new to the U.S., payment card fraud is not, with nearly $8.5 billion in fraudulent transactions in the U.S. in 2015 alone. What’s more, the U.S. represents nearly 40 percent of worldwide fraud, despite having less than 25 percent of transaction sales volume. EMV defined So what is EMV? EMV technology is based on specifications developed to ensure worldwide acceptance of secure payments by an organization called EMVCo, a group of leading companies in the payments industry including American Express, Discover, JCB, MasterCard, UnionPay, and Visa and supported by dozens of other companies in the industry. EMV has become the global standard for authenticating credit...