Battle Credit Card Fraud
With the holiday shopping season fast approaching, that means additional credit card transactions and, as a result, an increased risk for fraud.
A report earlier this year from Javelin Strategy & Research found that credit card fraud has increased an alarming 87 percent since 2010 and accounted for a cumulative total loss of approximately $6 billion. Despite mounting evidence of this growing epidemic, loss as a result of credit card fraud has remained the proverbial elephant in the room for many businesses.
Organizations need to increase their awareness of this growing threat. Here are five tips to keep in mind:
1. Deal with any breach immediately.
It's critical to understand that even if all cautious, conservative steps are taken, and the best payment processing security is installed, a breach can still occur. If it does, have detailed credit card sales records to help you retrace your steps. This will help you determine when and where the breach took place, and mitigate the potential for additional losses. Furthermore, a proper assessment of the initial attack may ultimately provide a trail back to the source of the breach.
2. Maintain PCI compliance.
Not only is it against card brand regulations if you're not Payment Card Industry (PCI)-compliant when you accept credit or debit cards, it's also an absolute must in today's economic climate. Make certain your payment processing software security is current and is PA-DSS (Payment Application Data Security Standard)-certified, and that your business receives its PCI-DSS (Payment Card Industry Data Security Standard) certification.
3. Use end-to-end encryption for all sensitive data.
End-to-end encryption (E2EE) essentially boils down to scrambling the data sent from one device to another. It starts with your payment capture devices, and goes all the way to authorizing the transaction. E2EE technology prevents the card account data from being stolen electronically and lessens the cost and impact for your business to become PCI-certified. Select a payments provider that's technically savvy and supports E2EE.
4. Prevent tampering.
Make sure all employees who accept credit and debit cards from customers have a working understanding of the looks and functionality of the payment processing equipment. Scammers often try to tamper with a business's payment processing equipment in an effort to steal card information. Altered equipment usually consists of a small piece of hardware physically attached to the terminal itself. An attentive employee who knows what to look for should be able to easily identify an extra attachment to the device or oddly functioning software.
5. Refrain from storing credit card numbers.
To avoid one of the biggest PCI compliance risks, do everything in your power to not store credit cards numbers. Look for a payments provider whose platform is designed so that card information is never stored at your business site or on your business software.
It's reasonable to have a healthy level of economic optimism, but it's critical to take the necessary precautions to protect your company's assets and security. Don't let credit card scammers steal the fruits of your labor.
Rob Bertke is senior vice president of research and development at Sage Payment Solutions, a division of Sage North America, a software manufacturer based in Lawrenceville, Ga.
WBJ Web Partners
Most Recent
Most Recent
0 Comments