Lock

Protecting customer data continues to be one of the top priorities for businesses of every size. As cyber criminals become increasingly sophisticated, it’s vital that business owners understand how to keep up with their changing tactics in order to continue to keep customers’ data safe.

Some merchants are already aware of the challenge. A Barclaycard study revealed that three in 10 businesses say online threats such as data breaches and hacks are a major concern, with 35 per cent also saying this has prevented them from introducing online services.

However, given that £1 out of every £4 was spent online in 2015, staying off the digital high street often means missing out on a significant revenue stream. Thus the challenge is learning how to balance data security whilst creating a smooth customer experience for all your shoppers. Fortunately, payment providers are helping by deploying a growing range of tools to help prevent threats.

Through our experience of working with ecommerce businesses, Barclaycard has developed a series of recommendations to equip you with knowledge that will help your business make the most of online payment opportunities, without sacrificing security.

  1. Regularly review security and fraud measures
Firstly, all businesses should complete a risk assessment to understand what potentially sensitive or valuable information is being held and where it is. This informs what controls are needed to protect customer data. By identifying what data is attractive to criminals, you will be in a much better position to take the right precautions to keep it safe.
  1. Prioritise CNP fraud prevention
Despite a fall in overall card fraud, card-not-present (CNP) fraud – which affects online retailers in particular – is on the rise thanks to data breaches that enable criminals to get their hands on customer details. A key way to reduce the risk of a breach is to set up a secure website for online payments in keeping with industry regulations. By diverting customers to a hosted payment page (HPP) to complete the transaction, rather than building your own website, customers are protected when they hand over their card details.

An HPP hosted by a reputable third party provider will also simplify the payments process for your business, therefore cutting down on the hours you spend on admin and allows you to focus on what you do best.

  1. Stay vigilant against growing eCommerce fraud
It is well-known that when one way of making money is closed to fraudsters, their attention turns to another. For example, when the mass uptake of Chip and PIN in the UK made in-person card transactions too difficult to corrupt, fraudsters started pursuing the CNP market instead. With the introduction of Chip & PIN technology to the US, another market is being shutdown to would-be criminals. As fraudsters look further afield, all businesses operating online need to be alert to eCommerce fraud, which will continue to be a growing target.
  1. Understand your security
New technology, such as data encryption or secure servers for storing sensitive information, can help merchants fight fraudsters – but only if you fully grasp how it works, how it is implemented and what controls are used to protect the information. Working with an experienced payments provider like Barclaycard can help you to not only gain the latest technical capability to fend off fraud, but also the knowledge of seasoned experts to tailor these tools in a way that works best for your business.
  1. Be safer by being compliant
Any business taking card payments needs to adopt the Payment Card Industry Data Security Standard (PCI DSS), which offers protection for both customers and businesses. This can minimise the impact of any security breaches, whilst helping mitigate the financial implications of an attack and guarding against any reputational damage that might arise as a result.

Ultimately, the most important thing is getting the basics right – being aware of what data you are storing and where. Once you are clear on this front, it will be much easier to understand which additional measures will be most effective to protect your business and customers from attacks, and the best ways to implement these so you don’t disrupt the customer experience. By striking this balance you can capitalise on the popularity of the digital high street and see your business grow.

By Paul Clarke, Global Payments Acceptance at Barclaycard