Smarter steps to more secure payment solutions
When it comes to considering what you need for payment processing, here are the essential elements of a smart security strategy:
Stay on top of compliance
Network security and physical security are the very first lines of defense. You prepare for these when you work to achieve and maintain Payment Card Industry (PCI) compliance. Start with a check list:
- Make sure your systems are PCI certified
- Make sure your payment processor, and any other covered providers, are PCI certified
- Make sure all business partners—including fulfillment houses, call center and marketing support—are all committed to protecting your customers’ data
- As a business practice, restrict data access to a “need to know” basis for all employees
- Encrypt sensitive data that’s sent via email, FTP, data streams and phone lines
- Use encryption and tokenization to protect sensitive data stored on your systems
Solving for credit card acceptance and payment processing in the biggest picture must include a deep look at security. That look should include what PCI compliance assistance programs or training your potential providers offer.
Fight against fraud and chargebacks
The implementation of chip card technology, or EMV, in the United States is designed to stop the presentation of counterfeit cards at in-store point of sale. Then there’s the fraud liability shift that began in October 2015. As of now, generally speaking, liability for fraudulent transactions made in your store shift back in your direction if you’re not ready and certified for EMV acceptance. That means more potential chargebacks and their associated costs. Don’t think small businesses aren’t at risk—there’s anecdotal evidence that even an $8 sandwich led to a fraud claim and chargeback.
Protect the data, wherever it is
Protecting data as it travels through the authorization process (encryption) as well as when its being stored for whatever reason (tokenization) is an imperative. The good news is that data security is so paramount today that the marketplace offers numerous solutions, including those bundled directly with your payment processing or POS system. These solutions exist for your in-store payment needs and additional services exist for any online payments you process, including offerings that effectively remove any payment data from your online payment systems.