Security features you should consider for online payments systems
Managing card data security and preventing fraud is most important when processing credit and debit cards through online payments systems. In these so-called card not present transactions, customers and cards aren't physically present. All the more reason to have security and fraud prevention features that help you manage online payments systems more safely and more securely. Adherence to the PCI-DSS standards, getting PCI compliant and remaining so is a good first step for your business. However, consider features in two other areas that will help protect your online payments systems, your business and your customers.
Card Data Security
The first area for which you should consider special features is card data security. Fraud typically results from the use of card data that's been stolen. And that theft comes more and more as a result of data intrusions that expose credit and debit card information as well as customers' personally-identifiable information. Stolen card data is then manipulated and used for fraud downstream.
The process of tokenization generally replaces actual credit card information with numerical sequences that mock the real card, but hide its real number. Tokens are then used in authorization and other payment processes while the real card data is stored in a so-called "vault". These become particularly valuable if your customers like to store payment data with you for future purchase. In many cases, the tokens act just like the real credit card number for all other process and service issues, such as issuing credits or managing chargebacks.
Many payment providers also have pay-page features. To simplify, a pay-page effectively removes all card data from associating with or entering your online payments systems. At checkout, customers are taken through a window to the pay-page providers systems where card and other data is entered with authorization taking place outside of your environment. Introducing these hosted checkouts also dramatically reduce your PCI scope.
Fraud Detection and Prevention
Just like card data theft, fraud is a reality in commerce today. This is particularly true for businesses accepting payments through online payments systems. You should start with basic tools that are available to you such as the address verification service (AVS) which helps confirm the legitimacy of information shared with you online by a customer. More advanced fraud detection and prevention features scan patterns of card use and other behaviors to determine the likelihood of fraud. If your business accepts payments from customers all over the world, even more advanced features include geo-location and IP intelligence so that you can detect and thwart fraud from criminal individuals or syndicates around the world.
Did you know that nearly 2/3 of chargebacks have a fraud connection? Making the connection between fraud and chargebacks is important for online payment systems. Some payment providers have features that integrate with your online payments systems to detect and identify likely fraudulent transactions based on available data from credit card issuers. And, many of these features also allow you to proactively refund customers for charges that are likely to be fraudulent, which can help reduce the burden and cost of managing chargeback processes.
It's not difficult to start thinking smarter about whole-picture protection for your online payments systems. Considering card data security and fraud prevention needs for your business goes a long way in protecting your business and reputation as well as your customers.