Large retailers aren’t the sole targets of credit card data breaches. Small business, while less lucrative for cybercriminals, can present easy pickings if the merchants accept credit cards and haven’t taken some very basic steps to secure their payments environment. Here’s what your business can do to reduce the risk of having thieves access your customers’ sensitive credit card data.
1) Don’t Keep Stored Data
With credit card payments accepted in-store and online, there is any number of opportunities for merchants to store personal payments data, physically and digitally. Credit card data is often maintained for customer convenience – for repeat and return purchases, for instance. However, stored data (sometimes referred to as “data at rest”) is vulnerable to hackers and malware. Businesses should avoid storing credit card information on any computer, POS system or mobile device no matter how secure it may seem.
2) Encrypt & Tokenize
The safest course of action to protect customer information is to move it out of the merchant environment altogether. Where does one move it? Payment vaults in the cloud are offered by a number of processors, permitting access to stored data when needed for a transaction. At first blush, this would not seem more secure, as data is in transit and, therefore, accessible. This method is rendered safe through the proper use on encryption and tokenization. The data is still accessible in transit, but is encoded and converted into digital tokens which cannot be deciphered without the decryption key.
3) Embrace EMV
EMV is a fraud-reducing technology that protects against losses from the use of counterfeit cards. The majority of credit cards now include the EMV smart chip, generating a new code for every transaction, making the card virtually impossible to falsify and re-use. The chip interacts with hardware devices and payment networks to ensure the card is authentic. In industries where card fraud is a concern, merchants should obtain the hardware and software necessary to accept the new payment standard.
4) Leverage Security Experts
Payments security is complex and changing constantly as new technologies emerge. Businesses should select a payment processor or partner who can help analyze systems, identify vulnerabilities and deploy solutions to prevent unauthorized access to customer information.
A credit card data breach can be disastrous for a small business but, with the right solution, is preventable. Learn more about the Edge Shield security bundle from OpenEdge at https://www.openedgepayment.com/en/payments-security/edgeshield-security-solutions