Exciting growth opportunities exist for small and medium businesses taking advantage of the ever-increasing holiday shopping season. However, amidst this positive backdrop, lurks the negative threat posed by hackers and cyber criminals that prey on holiday shoppers and businesses.
Small and medium businesses can’t ignore the fact that they’re, in many ways, an easier and more alluring target than big-box stores for a cyber attack. In fact, one
With the variety of payment options available to customers, the growth of mobile purchases, and the increased sophistication of cyber attacks, small and medium businesses must take extra precautions to ensure customer information is protected from all angles. Your customers need to know their personal and credit card information is safe when making a purchase from your business.
Here are eight payment security recommendations that all small and medium businesses should follow throughout this holiday season and beyond.
Be vigilant. Keep detailed records of all sales transactions, including the date, time, and names of employees involved in the sale. The contact information for the customer should also be recorded. Detailed notes will become invaluable if a data breach does occur.
Act fast. In the event of a data breach, the key is to get to work right away to determine the cause of the breach and implement solutions. If you’ve taken detailed records, these notes will help you determine exactly when the breach occurred, allowing you to immediately take the necessary action to fix the situation and let affected customers know.
Communicate. A
Pay special attention to online orders. When a card isn’t present at the point of sale, such as during an over-the-phone or online transaction, they’re inherently riskier; thus, small and medium businesses should be even more aware of possible fraud. Be on the look-out if any of the following occur: the order is larger than normal; an order includes several of the same item; items are being shipped to an international address; transactions include similar account numbers; transactions are placed using multiple credit cards; multiple transactions are placed on one credit card during a short time period; sales are processed through the Deaf Relay System; cardholder asks for Wires or funds through a money transfer service, such as Western Union; or the sale seems “too good to be true.”
Train employees. Your employees are the eyes and ears of your business. Train them on your payment processing program so they’ll be able to detect when something doesn’t seem right. This will not only help prevent internal problems but also external threats. Consider having employees complete a payment checklist every time a purchase is made. The checklist should verify that address verification (AVS) is a match; confirm the 3-digit CVV security code; and ship to the AVS-verified cardholder billing address.
Don’t keep credit card information. Storing credit card numbers at your business site or on your software is a breach waiting to happen. Don’t rely on data security to be completely safe. If you don’t store sensitive credit card data, you’ve already taken a major step toward lessening your fraud threat level.
Don’t slack on compliance. Ensure your software is updated and that your businesses’ payment security programs are compliant with the Payment Card Industry (PCI) Security Standards Council. New PCI regulations came out earlier this year. To find out more about them, visit this
Use end-to-end encryption. Keep sensitive information safe from hackers and cyber criminals with end-to-end encryption. Encryption is one of the best protectors small and medium businesses can use to keep importation information from getting into the wrong hands. This is especially important when sending sensitive information from one device to another as it can ensure the data is scrambled before transmission.
If you can’t implement these best practices before this holiday season comes to an end, make a point of focusing on payment security as one of your top business resolutions for 2016.
Paul Bridgewater is CEO of Sage Payment Solutions.