This year brings a lot of opportunity for small and medium businesses (SMBs). The International Monetary Fund (IMF) expects world economic growth for 2016 to be somewhere around 3.6 percent – higher than the predicted 2015 growth of 3.1 percent.
Unfortunately, amidst this positive backdrop lurks the negative threat posed by hackers and cyber criminals. More than 4,000 cyber attacks happen daily and one study notes that one in five SMBs will fall victim to a cyber criminal.
With the variety of payment options available to customers, the growth of mobile purchases, and the increased sophistication of cyber attacks, SMBs must take extra precautions.
Here are eight payment security recommendations all SMBs should follow:
1. Be vigilant – Keep detailed records of all sales transactions, including the date, time, contact information for the customer, and names of employees involved in the sale. Detailed notes will become invaluable if a data breach does occur.
2. Act fast – In the event of a data breach, the key is to determine the cause of the breach and implement solutions as quickly as possible. Your detailed records should help you determine exactly when the breach occurred, allowing you to immediately take action to fix the situation and let affected customers know.
3. Communicate – A Bizrate Insights study from earlier this year found that the more than two-thirds of buyers worried about data security are more confident when making online purchases when a well-known trust symbol is visible. Tell your customers about precautions your business is taking to protect personal and credit card information.
4. Pay special attention to online orders – When a card isn’t present at the point of sale, such as during an over-the-phone or online transaction, they’re inherently riskier; thus, SMBs should be even more aware of possible fraud.
5. Train employees – If your employees – the eyes and ears of your business – are well-trained on your payment processing platform, they can better detect when something seems wrong. Consider having employees complete a payment checklist for every purchase. The checklist should verify that address verification (AVS) is a match; confirm the 3-digit CVV security code; and ship to the AVS-verified cardholder billing address.
6. Don’t keep credit card information – Storing credit card numbers at your business site or on your software is a breach waiting to happen. Don’t rely on data security to be completely safe. If you don’t store sensitive credit card data, you’ve already taken a major step toward lessening your fraud threat level.
7. Don’t slack on compliance – Ensure your software is updated and your businesses’ payment security programs are compliant with the PCI Security Standards Council. Your software should also be certified by the Payment Application Data Security Standard (PA-DSS). And, don’t forget about EMV regulations, which went into effect last October.
8. Use end-to-end encryption – Keep sensitive information safe with end-to-end encryption, one of the best protectors SMBs can use to keep important information from getting into the wrong hands.
Paul Bridgewater, CEO, Sage Payment Solutions
If you are interested in learning more about the Sage Partner Sales Program and how it can help you and your merchants, go to: http://www.SagePayments.com/FindMore, or call a Sage ISO recruitment representative directly at 888.869.1239.