Running a store online involves much more than simply providing a useful product or service to your customers. Because of the rise of cyber crimes such as identity theft, e-commerce sites need to have top notch security. In fact, theft of personal data became the most reported US crime in 2014.
A study done by Identity Theft Resource Center found almost 11 million cases of stolen personal information in the year 2014. Small businesses are not immune to these scams. In reality, up to 80% of compromised credit card data that Visa investigated involved merchants who dealt with 20,000 or fewer transactions per year.
So how can a small business keep the data of its customers safe when running an online store?
A great way to start is by using a reputable website builder geared towards e-commerce. All vendors involved in e-commerce need to adhere to guidelines that have been set by an organization called the PCI Security Standards Council. Avoid any e-commerce builders who are not compliant with this organization. The PCI Council consists of the five major credit card companies and has a goal of setting the standard for online security as well as keeping the public educated on how to keep their information safe online. One of the things they stress is just how very important it is for a business to wipe out customer data as quickly as possible after the transaction.
They also insist that businesses never store the information of its card holders on their servers. These points illustrate the fact that you are at a much lower risk if you have nothing on your servers worth stealing. It can seem quite tempting to store information as a convenience to your repeat customers, however, the risks far outweigh the few advantages this offers. Consider how much business you stand to lose, not to mention the serious damage your reputation would suffer if you were the victim of a security breach because you decided not to heed this advice. Experts stress that an essential part of keeping the payment process secure is having a secure system in place for the shopping cart on your site. Try to remember that if you don’t need the information, don’t keep it stored on your servers.
Another great option is to use a third-party merchant for your financial transactions. You can let the leaders in payment processing such as Google Checkout or Paypal handle the transaction, taking this risk off your hands. Experts in risk analysis and security agree that this is a smart move. Letting another company handle processing credit card transactions allows you to focus on being a merchant instead of attempting to become an overnight IT professional.
Customers can also be encouraged to keep their own sensitive information secure.
Having high-level security on your own systems is essential if you want to keep customers safe, as any breach will inevitably result in your business practices under investigation. However, there are some things you can do to help your customers help themselves when it comes to online security.
Make sure you use a system that verifies addresses and credit cards. As the payment is processed, the data will be cross-referenced to ensure the legitimacy of the buyer. This can drastically reduce the number of fraudulent charges that your store receives. A great tool to use is AVS, as it can lower the number of bad transactions that occur with merchants who accept credit card orders over the internet.
Another great way to help your customers is to insist that they generate a complex password when they sign up on your website. If you block customers from using weak passwords for sensitive information and encourage the use of letters, numbers, uppercase, lowercase, and even symbols, you can ensure their shopping experience is secure. Experts agree, having a long and complex login password will make it harder for a criminal to execute a front-end attack.
These systems, as well as many others, can be directly employed by your website builder, and they are common on most reputable vendors for e-commerce. Compare the different features advertised, and if necessary, call customer service to get detailed answers for your questions on their security protocols before you make your decision.