Business Security Tips for Safer Commerce

female business owner on rooftop with tablet

As the internet hosts financial enterprises from utility payment processing for major cities to the buying and selling of corporations, the hundreds of billions of dollars transferred, earned, and spent online represent a tremendous opportunity. Big opportunities, however, are often accompanied by great risk. Some of that risk is simply the unavoidable and unforeseeable, chaotic, esoteric fluctuations of global markets.

Some of that risk – fraud and theft – is also more malicious but, thankfully, addressable. Anyone doing business online (and offline) faces both of these risks, but addressing their vulnerability to hackers, identity thieves, credit and debit card scammers, etc. requires trustworthy partners and some prudent safeguards. Payscout is the perfect partner for smart and secure payment processing that—along with some best practices below—can make your business safer and more secure.

Restrict the Number of Allowable Transaction Attempts

Significant developments in the security of physical point of sale (POS) and mobile payment processing by companies like Payscout mean that scammers are focusing more on card-not-present scams. This trend has given birth to an online marketplace of stolen payment card numbers that thieves can buy individually or in bulk. Some of those numbers have been rendered useless by reporting or have incomplete information, but scammers will often try a series of card numbers until one works. Restricting the number of allowable transaction attempts can thwart that sort of “brute force” attempt at fraud.

 Keep Track of Suspicious Card Numbers

Retain a log of suspicious card numbers. Most payment card processing companies allow vendors to review attempted transactions, successful or not. Recording and perusing those daily transactions can help identify the sort of attempt described above – if one of the cards went through before the daily transaction limit had been reached.

 Keep Your Digital Fortress in Good Repair

Payscout provides vast, dependable security measures (such as encryption and tokenization services) to protect all financial information in a merchant’s database, fraud-protection and security specialists that handle automated screening and manual review, and a variety of check and card protection and verification services. Payscout also offers services ranging from local non profit payment processing to global payment processing from multinational corporations. But their expertise and resources can only help so much if your firewall, anti-virus, anti-malware, anti-spyware, etc. protection is lapsed, lax, or not present.

 Don’t Mix Business with Personal

There are a number of good reasons for having separate, dedicated hardware, software, and devices for business and personal use. For one, using one device and/or system for your business and personal computing can result in frustrating confusion—particularly if your personal computing includes personal finances. But more importantly, if you have everything in one place and do get hacked, you risk losing everything. Be safe!

Protect your business’s future and secure its continuing growth and success at www.payscout.com.

 

Tips for Protecting Your Online Business From Debit and Credit Card Fraud

 

Man using mobile phone and laptop for shopping online by credit card. Pays for purchase.online shopping, online payment,buy and sell products .

In 2017, online shoppers spent $453.46 billion in the United States alone. With profit potential that great, every business with a product or service that can be offered online is either doing so or risking being left behind. Wherever there’s money to be made, however, there are people rushing to learn how best to steal it.

The ubiquity of plastic as the payment method of choice online has resulted in a thriving underworld industry of debit and credit card fraud. And unfortunately for online vendors, one of the most common forms of card fraud is “card not present” theft. Online vendors don’t have the luxury of checking ID to be sure the names match. That being said, there are a number of relatively simple steps that e-merchants can take to mitigate the risk of online card fraud.

 Tokenization

One of the best ways in general to reduce fraud risk is to contract with a trusted, established payment processing institution. An experienced payment processing firm should be able to handle everything from accounts receivable collections software for accounting to tokenization. Tokenization is a process that replaces sensitive data, like payment card numbers, with a “token.”

The token is a unique identifier that stands in for the actual card information (which is stored off-network in an ultra-secure data vault). The token can be effectively used by the business as necessary but is meaningless and useless to any hacker who breaches a less-secure local database, network, or payment application.

Emails, Addresses, and Overseas

Sometimes, security measures are relatively low-tech, requiring good old-fashioned risk management. In this case, keeping an eye out for details like the validity of an email address. It’s obviously not a sure-fire sign of larcenous intent, but if an email address appears to be a random string of characters at a free email domain, be wary.

The same goes for orders in which the billing and shipping address differ. There are countless legitimate reasons for that, but it can be a red flag, particularly if expedited shipping is requested. Overseas sales can be tricky. Obviously, the entirety of the planet beyond your borders is a great market, but it’s also a bit of a risk. Make sure the aforementioned payment processing firm you contract with has a solid foundation in international payment processing to help mitigate risks.

Always Require the CVV Code

This one may seem obvious, but a surprising number of online businesses still allow card transactions without requesting the card verification value (CVV) code. The CVV is a three- or four-digit code on the back of a credit or debit card. When hackers, identity thieves, and scammers get their hands on payment card numbers online the CVV is very often not present with that information. Requiring the CVV is therefore a small step that significantly mitigates the risk of fraud.

About Payscout

Payscout has worked to establish the company as one of the most trusted payment processing providers. Facilitating safe and convenient payment solutions across six continents, Payscout has been linking merchants and consumers with credit, debit, mobile, ATM, and alternative payment solutions. Managing payments, whether on-site or across mobile and online media, is easy with Payscout. Payscout integrates with more than a dozen software applications and also offers healthcare payment processing as well as specialization in non profit payment processing. Whatever your specific payment needs, Payscout can accommodate you with quick, convenient, friendly, and secure service.

Learn more about Payscout’s payment processing solutions at www.payscout.com

The Most Common Debit and Credit Card Fraud Risks for Brick-and-Mortar Businesses

Store merchant taking cc for payment

Ecommerce has emerged as a monumental market presence, and along with it, the vast, destructive shadow world of hacking and digital fraud has evolved equally as rapidly. Neither of these trends should be overlooked by brick-and-mortar business owners, whose very livelihoods depend on addressing potential threats to their businesses. Unfortunately, it’s often the proprietors and managers of brick-and-mortar businesses themselves overlooking said vulnerabilities. And in an age of mobile payment processing and dynamic points of sale, it can be an expensive oversight.

But it’s not that these entrepreneurs are necessarily lax or indifferent about security. It’s not uncommon for a location’s management and even risk-management policymakers to invest in robust loss-prevention strategies and institute strict check-vetting and acceptance, while overlooking one of the most common, insidious, and expensive security vulnerabilities: debit and credit card fraud. Fortunately, there are some practical steps businesses can take to greatly reduce their fraud vulnerability.

 ID Checks for Stolen Cards

Stolen credit cards are one of the most common manifestations of credit card fraud. Rather than somehow electronically intercepting card information, or stealing someone’s identity (usually), the thief has come into physical possession of the card. While thieves will often use stolen cards to make card-not-present purchases online or over the phone, many will also attempt to use them for physical purchases. Generally, this is one of the easiest forms of fraud to prevent by requiring that the clerk check the ID of the purchaser.

 Dummy Card Fraud

There are two variations of dummy card fraud featuring similar scams: doctored cards and counterfeit cards. Doctored cards are popular with scammers who have actual credit card numbers but don’t have the equipment to rewrite counterfeit cards. Doctored cards are real credit cards, usually printed rather than embossed, that have had their information changed. The magnetic strip on the card is then either altered or erased so when the merchant scans the card it then fails to read it, resulting in the scammer asking that the information be entered manually.

Counterfeit cards are a variation of doctored cards. Oftentimes, if the scammer has access to the technology necessary for actually printing and encoding the magnetic strip of a credit card, they will produce new credit cards written with the stolen card number.

Brick-and-mortar business owners can curb dummy card fraud by ensuring their POS equipment is EMV (chip) compatible, as chip technology is much harder to counterfeit than its magnetic-stripe-based counterpart.

How to Protect Your Business

Technology may seem like the logical place to start when it comes to protecting your business from fraud, but the reality is, successful fraud-prevention starts with people. Employee training is key. Employees are usually both the first line of defense against fraudsters and those targeted by them. Often, just a basic level of training on spotting and avoiding fraud is sufficient to significantly reduce it. The balance most businesses struggle with for card security is being as vigilant as possible without alienating the customer. No one wants to have to share their birth certificate and utility payment processing documentation to confirm their address to buy a new electronic device. But a little security can go a long way. Simply requiring customers to show an ID that matches the card and calling a manager for any card that has to be entered manually can be enough to both prevent incidences of fraud and deter future scammers.

 About Payscout

Payscout has worked to establish the company as one of the most trusted payment processing providers in the world. Facilitating safe and convenient payment solutions across six continents, Payscout has been linking merchants and consumers with credit, debit, mobile, ATM, and alternative payment solutions. Managing payments, whether on-site or across mobile and online media, is easy with Payscout. Payscout integrates with more than a dozen software applications and also offers healthcare payment processing as well as specialization in non profit payment processing. Whatever your specific payment needs, Payscout can accommodate you with quick, convenient, friendly, and secure service.

Learn more about Payscout’s payment processing solutions at www.payscout.com