For small businesses, accepting credit and debit card payments is quickly moving from an option to a requirement. With this growing need to accept card payments, a number of questions related to security and fraud arise.
Whether your company is new to the world of credit card processing or it's taken these payments for some time, a review of security needs is always helpful. Let's cover some of the most important topics:
Keep sensitive information safe, digitally and physically
There are opportunities for sensitive payments information and related concerns – like passwords and other login data – to be captured physically and digitally. For the digital concerns, the answer is pretty straightforward. Using a credit card payment processor that can demonstrate its commitment to data security, using EMV-enabled card readers and following the Payments Card Industry Data Security Standard are major, foundational elements.
It's important to keep the physical security aspect in mind as well. As is frequently mentioned during discussions of major payments data breaches, the massive attack suffered by Target in 2013 was due to a lack of protected credentials on the part of a third-party vendor and an improperly segmented network, as cyber security expert Brian Krebs reported.
A similar issue can occur if you leave physical copies of passwords and other information in unsecured or publicly visible areas. Fortunately, physical security is a relatively simple affair as long as sensitive data isn't left in a place where it's easily accessible. Commit to keeping physical copies of such information at a minimum, and store them only in secure locations.
Take advantage of available resources
Your efforts to give your business the most secure credit and debit card payment environment possible should tap into existing tools that do exactly that. The PCI DSS is the standard for businesses, and the rules apply to many companies. Compliance is mandatory, but it also enhances security by using proven and time-tested measures. Entrepreneur contributor John Rampton said compliance can involve some extra time and effort, but it also means a higher level of security for you and your customers.
Similarly, your business should seek out a card payment processor that provides EMV-compliant card readers. This standard has been in place since October 2015, and consumers are growing to expect it. A lack of compliance also means your business will likely be at fault for any issues with card-present fraud.
Taking these two pieces of information to heart can significantly improve your payment security efforts. To learn more, reach out to the experts at Cloud 9 today.