Offering secure payment methods fosters consumer trust in your business
Everyone knows that using a credit card carries a certain degree of risk when it comes to data compromise and identity theft. Breaches happen. Card issuers know it. Credit card processors know it. And certainly cardholders know that their sensitive data could potentially be stolen, creating a whirlwind of problems for them and their finances. But what merchants may or may not know, is who cardholders blame when a breach occurs. Any guesses?
If you guessed merchants, you’d be correct. Breaches don’t put banks and card issuers out of business. But small businesses can’t make the same claim. Aeris Secure reports that a National Cyber Security Alliance study found that 60 percent of small businesses close within six months following a data breach. A number that can largely be attributed to the fact that 69 percent of consumers are hesitant to do business with a breached organization, as found by a 2015 Verizon Enterprise study.
Maintaining trust among your customers is good for business. And one of the best ways to go about fostering trust is to offer secure payment methods including EMV chip card acceptance, encryption, and tokenization.
Depending on the technology you use to process credit cards, you could either be helping to protect your customers, or making them vulnerable by giving thieves the opportunity to process chip cards without EMV at your business. When a chip card is used in an EMV-enabled terminal, a unique cryptogram is generated for every authorization that cannot be replicated. But if that same chip card is processed in the traditional way, by swiping the magnetic stripe, fraud is possible. Choosing EMV is choosing to prioritize your customers’ security. EMV can be implemented at a fairly reasonable cost, so it’s a relatively easy way to signal to your customers that you value their security.
Encryption and tokenization
Whereas EMV makes using stolen data theoretically impossible, encryption and tokenization make it impossible to even steal the data in the first place.
When a credit or debit card is processed, the card number is entered into the system or terminal by swiping the card, dipping the chip card, or manually entering in the card number. The instant that number hits the system, it’s vulnerable to theft. But when encryption is used the numbers never enter the system in clear text. The number is instantly encrypted with characters and symbols that have no value outside of the system. The encrypted data is sent to the authorization network where an authorization is generated, and then sent back to the POS system for settlement. But at no time in the process is that information visible and useful to hackers. Tokenization works on the same basic premises, but protects the data while it’s being temporarily stored for future transactions like tip adjustment or recurring billing.
Having EMV with encryption and tokenization is the current standard for secure payment methods. Merchants who employ them both, and take the steps required to achieve and maintain PCI compliance will fare significantly better in the battle for consumer trust than their competitors who don’t. For more information about secure payment transactions for your business, contact Vantiv.