A recent report by research firm Forrester has uncovered the potential growth of mobile payments over the next 5 years. Forrester says it expects mobile payments to triple, from the €52 billion they reached at the end of 2015 to a staggering €148 billion by 2021, all due to the development and wide roll-out of contactless payments throughout the EU. Although online and phone card payments have been around a little longer than mobile payments, they are still growing. In 2017 many businesses operate purely online, and with this growth in eCommerce and non-cash transactions they have needed to look at their security protocols a lot more closely.
If your business accepts online, mobile or phone payments, here are a few tips to make sure that you are operating as securely as possible.
PCI DSS Compliance
In our blog last month we debunked a few of the myths regarding PCI DSS compliance that have done the rounds as a result of the confusion surrounding compliance and what it means for your business. But why is it so important to be compliant? Any business that processes, stores or transmits any credit card data must operate in line with the regulations to ensure that all customer information and data is kept completely secure.
Choose a Secure eCommerce Provider & Processor
Even with all the regulations put in place by the PCI, some companies still don’t take security as seriously as they should. To make sure you’re working with one of the companies that do, you need to do your research. See what other people have to say about them in their reviews: are they reputable? Do customers trust them? Have they ever had any trouble using them? If neither the company nor anyone else mentions its dedication to security, there must be a reason; it is likely that they’re not that secure at all. If security was their top priority they would make sure everyone knew about it.
With online, mobile and phone payments you’re dealing with customer transactions in a card not present (CNP) environment, but even without the card owner and their card you can (and should) still verify every transaction. There are a few ways you can do this: make it a requirement for the customer to supply the security code or CVV number on the back of their card, make sure there is an address verification (AVS) match, and monitor all customer purchase patterns so that anything out of the norm can be investigated or even blocked.
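The three checks described above can be combined into a single decision per transaction. The following Python is an added example, not code from the original post or from any payment provider; the field names, thresholds and the accept/review/block policy are assumptions, and the purchase history is constructed sample data.

```python
from dataclasses import dataclass
from statistics import mean, pstdev

@dataclass
class Transaction:
    amount: float        # order total in the account currency
    cvv_match: bool      # processor's CVV result only; PCI DSS forbids storing the CVV after authorisation
    avs_match: bool      # processor's address verification (AVS) result
    ship_country: str    # delivery country of the order

# Constructed sample data: one customer's earlier approved orders.
HISTORY = [Transaction(a, True, True, "IE") for a in (20, 25, 30, 22, 28, 25)]

MIN_HISTORY = 5  # assumed minimum number of orders before pattern checks apply

def assess(tx, history):
    """Return (decision, reasons) for one card-not-present transaction."""
    reasons = []
    if not tx.cvv_match:
        reasons.append("cvv_mismatch")
    if not tx.avs_match:
        reasons.append("avs_mismatch")
    if len(history) >= MIN_HISTORY:
        amounts = [h.amount for h in history]
        mu, sigma = mean(amounts), pstdev(amounts)
        # Floor the spread at 10% of the mean so steady spenders are not over-flagged.
        if tx.amount > mu + 3 * max(sigma, 0.1 * mu):
            reasons.append("amount_outlier")
        if tx.ship_country not in {h.ship_country for h in history}:
            reasons.append("new_ship_country")
    # Assumed policy: a failed CVV or two combined signals block; one signal goes to review.
    if "cvv_mismatch" in reasons or len(reasons) >= 2:
        return "block", reasons
    return ("review", reasons) if reasons else ("accept", reasons)

if __name__ == "__main__":
    for tx in (Transaction(27, True, True, "IE"),
               Transaction(400, True, True, "IE"),
               Transaction(400, True, False, "FR")):
        print(tx, "->", assess(tx, HISTORY))
```

A new customer has no history to compare against, so only the CVV and AVS results apply to their first orders; returning the reasons alongside the decision gives whoever investigates a flagged order something concrete to check.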
Make Sure You & Your Team Stay Informed
Despite all of the data security standards that are in place and the regulations that are enforced, a lot of breaches occur as a result of human error. Without the proper knowledge or even a basic level of security training, you are surely putting your customer data at risk. All staff need to be educated and made aware of the latest threats and security risks. Everyone should be able to verify transactions and understand the dangers of opening unsolicited emails and their attachments, as well as the implications that sharing any sensitive information could have.