PaymentsJournal
SUBSCRIBE
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
  • Analysts Coverage
  • Truth In Data
  • Podcasts
  • Videos
  • Industry Opinions
  • News
  • Resources
No Result
View All Result
PaymentsJournal
No Result
View All Result

Following Another Big Data Breach, It’s Time to Follow These Tips to Protect Your Business

Drew Sementa by Drew Sementa
December 22, 2017
in Industry Opinions
0
Interconnected Defi Increases Attack Vectors: $600 Million in Crypto Stolen From Poly Network

Interconnected Defi Increases Attack Vectors: $600 Million in Crypto Stolen From Poly Network

22
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

With data theft, cyber criminals and fraudsters always seem to be one step ahead. But if the recent hack of the Sonic Drive-In chain teaches us anything, it reminds us that merchants must try to keep up.

This past September, Sonic announced it had become the latest US business to be targeted by payment card data thieves. According to reports, cybercriminals used a variety of techniques to steal data belonging to 5 million cards – and worse, sold the card details on a cybercrime marketplace to be used to carry out fraudulent transactions.

Criminals and identity thieves stole an estimated $16 billion from consumers in 2016, but it also cost US businesses. Businesses lost 1.47 percent of their revenue to fraud last year. And with that amount on the rise, it’s important to take a look at what business owners can do to protect themselves. Here are a few tips:

Upgrade your payment terminals to be EMV compliant

If your business hasn’t yet adopted chip – or EMV – technology, it’s long past due to upgrade your terminals. EMV chip readers prevent “card present” fraud – that is, when someone uses a fraudulent card in person at the point of sale (POS). Because chip cards generate a new security code each time they are used, they’re nearly impossible to counterfeit.

And as of October 2015, the stakes for failing to adopt EMV technology got a lot higher – the US Fraud Liability Shift went into effect. According to the liability shift, the merchant is now liable for counterfeit transactions carried out with chip cards if terminals are not EMV compatible – or if the card is run without using a EMV reader, even if one is on hand.

So making your card-readers chip compatible won’t just protect you from fraud, but doing so will also protect you from being liable if the worst does happen. And while a full migration to chip readers might seem costly, it’s an investment that will pay for itself – Visa reported a 52 percent decrease in counterfeit fraud for merchants using EMV payments.

If paying to overhaul your POS system simply isn’t feasible however, consider third-party hardware or software that integrates with your current POS. Platforms like eThor – which sits on a POS system and sends customer data automatically to a mobile EMV device – achieve an EMV upgrade without breaking the bank.

Follow your network’s guidelines, and train your employees on how to do so

Adopting chip technology may safeguard you from the costs of fraud in the majority of scenarios, but you’re still running the risk of being held liable if you fail to follow your payment network’s specific card acceptance guidelines.

Card acceptance guidelines may require you to retain sales receipts for a given period, to use chip-and-pin technology versus chip-and-signature, to get the buyer’s signature, and/or to get authorization from the card issuer for all transactions. Check out requirements for Visa here, and those for Mastercard here.

Familiarize yourself with your network agreement – but most importantly, train your employees to follow the guidelines and use chip readers correctly. If you still aren’t using EMV terminals, teach your clerks to ask for photo I.D. and to compare receipt signatures against those on the backs of cards.

Improve your ‘card not present’ security

Online shopping is becoming the norm for goods of all types. Therefore chances are, you’re also vulnerable to ‘card not present’ fraud – i.e., fraud occurring through transactions where the buyer is not physically present.

To cover yourself on this front as well, improve your ‘card not present’ security by requiring customers to supply their CVV for ‘card not present’ transactions and by using an address verification service (AVS) that cross-checks the billing address a customer provides, with the address the card issuer has on record.

Combat the issue of fraud at its source

Beyond measures that guard against fraud and liability, you have a responsibility to safeguard your customers’ data from being hacked. Preventing cyber criminals from obtaining card data stops them from supplying that data to fraudsters online – thus keeping your customers safe.

So keep abreast of the newest technology to prevent data theft. End-to-end encryption (or point-to-point encryption), for example, is currently one of the best safeguards against data breaches. It immediately encodes data received by your POS system at the “point of swipe,”  rendering any data obtained from your system by a cybercriminal unreadable. Or, another cutting-edge method involves using tokenization instead of encryption – in this case, a “token” consisting of non-valuable data is used to authorize a transaction rather than personal card data.

Cybercriminals won’t sleep. So protect your business against fraud and your system against the breaches that leave everyone vulnerable to fraudsters’ latest tricks. Upgrade to EMV readers, follow network guidelines, and stay up to date with the newest measures for preventing data theft. The more you drag your feet, the more you’ll be kicking yourself when the next security breach occurs.

Drew Sementa is CEO of Tidal Commerce, a merchant solutions and payment processing company that focuses on helping small and medium sized businesses grow

Tags: EMVFraud Risk and Analytics
22
SHARES
0
VIEWS
Share on FacebookShare on TwitterShare on LinkedIn

    Analyst Coverage, Payments Data, and News Delivered Daily

    Sign up for the PaymentsJournal Newsletter to get exclusive insight and data from Mercator Advisory Group analysts and industry professionals.

    Must Reads

    faster payments

    Faster Payments Are Set to Revolutionize Modern Digital Payments

    January 26, 2023
    How AI can Help Manage Payments Risk in 2023

    How AI can Help Manage Payments Risk in 2023

    January 25, 2023
    cross-border payments

    How to Implement Effective and Innovative Cross-Border Payment Strategies

    January 24, 2023
    credit card experiences, digital payments, b2b payments

    Will Consumer-to-Business Payment Trends Drive B2B Global Growth in 2023?

    January 23, 2023
    Faster Payments Faster Identity Verification, connected car, payments

    2023 Predictions: Authentication, Digital Identity, and In-Car Payments

    January 20, 2023
    bank data

    Interconnectivity, Data Sharing, and Security Are Vital for Banks to Thrive

    January 19, 2023
    B2B Payments, cryptocurrency

    Crypto as a Practical Solution to B2B Payments

    January 18, 2023
    AR, accounts receivable

    Digitizing AR Would Address One of Executives’ Biggest Concerns About Economic Instability

    January 17, 2023

    • Advertise With Us
    • About Us
    • Terms of Use
    • Privacy Policy
    • Subscribe
    ADVERTISEMENT
    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Videos
    • Industry Opinions
    • News
    • Resources

    © 2022 PaymentsJournal.com

    • Analysts Coverage
    • Truth In Data
    • Podcasts
    • Industry Opinions
    • Faster Payments
    • News
    • Jobs
    • Events
    No Result
    View All Result

      Register to download the Brighterion eBook - The power of today’s market-ready AI to reduce transaction fraud