19 Sep
Easy Steps to Protect Your Customers’ Data
Scammers are always pushing to find the vulnerabilities in your security programs and systems. And, we now live in a world in which consumers are holding companies accountable for data security, since many high-profile breaches have exposed serious issues. By choosing the right payment processor, and taking the steps outlined below, you can do a lot to protect your customers’ data.
Tokenization allows for the replacement of card data with a valueless representative of the original card number – making the data useless should it fall into the wrong hands. So, if a breach does occur, fraudsters will not have access to your customers’ actual credit card information.
This can be especially helpful if you accept mobile payments. Near-field communication (NFC) needs an additional layer of security, and many industry experts believe tokenization is the best defense against mobile payment fraud.
The implementation process is straightforward and seamless. We highly recommend you talk with your credit card processor about tokenization.
Don’t Keep Sensitive Information on Hand
Though it may be convenient in a busy moment to write down your customers’ credit card information, this is EXTREMELY dangerous. You should also reconsider storing customers’ credit card information. Terry Evans, president of Lighthouse Business Consulting Services, and an expert in cybersecurity for small businesses, said, “Those are clients’ credit cards, you don’t need to hold on to them, and once you do, you create an enormous problem for yourself.”
Beyond that, storing customers’ card data on a ledger could result in fines – and even open you up to a data breach. In 2017, the average cost of a data breach in North America is $1.3 million for enterprises and $117,000 for small and medium-sized businesses (SMBs), according to a report from Kaspersky Lab.
Hopefully, everyone you come in contact with holds themselves to high standards of integrity. But if not, a disgruntled team member or vendor could steal the information and use it to make fraudulent charges. It’s best to avoid writing credit card information down altogether.
Empower Your Staff
“I’ve walked into brick-and-mortar stores, into what should be a secure area—their accounting area—and computers are up and available and logged in,” says Evans. “I also see people scribble passwords down on a post-it note or desk blotter making the password visible to folks.”
Make sure EVERY member of your staff is protecting customers’ sensitive information by doing things like shredding documents and logging out when computers aren’t in use.
You could even create employee PIN codes to track sales and refunds made by employees. It’s also a good idea to devote time to talk about safe handling of transactions and potential fraud risks.
Comply with Industry Standards
The PCI Security Standards Council maintains the set of card data handling standards set forth by the four major credit card companies.
The annual PCI compliance questionnaire is difficult to understand, and trips up thousands of merchants across the country, many of whom end up paying between $20 and $70/month in non-compliance fees. Many processors view these fees as a revenue generator – contact BASYS today to learn about getting compliant, and reducing unnecessary fees.
While things like end-to-end encryption and tokenization do not eliminate the risk of a breach, merchants who utilize them can feel confident that their customers’ sensitive card data is being protected.
What measures are you taking to protect your customers’ sensitive information?
BASYS Processing as a business partner
Does your current processor understand the unique struggles of your industry? Do they provide great rates and personal customer service? Are they offering solutions to grow your business and being proactive about helping you reduce risk and increase your savings?
BASYS Processing features:
• A friendly, live voice will answer the phone when you call; no automated phone systems
• In-house PCI Compliance team to walk you through the process step-by-step, improving security and reducing costs
• A knowledgeable Account Manager assigned to your business to support your needs
• Accept payments in person, over the phone or online
• Next-day funding options
About BASYS Processing
BASYS Processing provides credit card and debit card processing services, plus solutions that include terminals, virtual terminals, e-commerce, mobile, and point-of-sale, customized to fit any need. Banks, associations, and software partners depend on us to strengthen their reputations and relationships with their customers by providing remarkable service paired with ultimate flexibility and pricing. Merchants depend on us to make accepting credit cards and debit cards convenient, safe & affordable. BASYS was founded in 2002 on one philosophy: to take care of our merchants, partners, and employees so they never want to leave. We are dedicated to working one-on-one with our customers to design the perfect solution. BASYS is Personal Payment Processing.
Learn more at basyspro.com.