You’ve carefully chosen the name of your new start-up, your sales strategy is fine-tuned, and your online store is almost ready. Before you start selling your products and services, think again: are you and your customers protected against online credit and debit card fraud?
Looking ahead to 2019, the Canadian population will spend $39.9 billion online. For these customers, trust is of the utmost importance, so you must ensure that you are providing them with a secure payment processing system. As a start-up, understanding the risks you’re facing is crucial.
The good news is that there are ways to protect your start-up and your customers from credit and debit card fraud. Follow these guidelines to ensure the security of your business.
1. Comply with PCI DSS standards
When shopping for a payment solutions provider, you will find that many options are available on the market. Since your business depends on your reputation and integrity, make sure your chosen provider offers solutions that are compliant with the Payment Card Industry Data Security Standard (PCI DSS); it will allow you to continue to grow your business and ensure that cardholder data is secure. The first step is to obtain a TLS (Transport Layer Security) certificate, which is a cryptographic protocol that provides a secure environment for online transactions.
2. Secure your system using the most recent technologies
To reduce the risk of having criminals access your customer data, your payment solutions provider should offer options securing your entire online transaction process. As a best practice, it is recommended that your online payment system does not store personal payment data on a computer or device. The safest solution to deny access for fraudsters is cloud storage of data, combined with encoding processes. The two most widely used technologies are encryption (the process of encoding information in such a way that only authorized parties can access it) and tokenization (a process that converts a payment card number into an alternate sequence called a token, which fraudsters cannot use). Ask your payment solutions provider if it offers such technologies and how it manages security updates to solutions you would be using.
3. Stay up to date with the latest security practices
The PCI Security Standards has published a series of free guides that you can download to learn more about best practices in securing online payments. Ensuring you respect these best practices is a great way to solidify your security system.
If your start-up is the victim of debit or credit card fraud, you should report the incident to your solution provider’s fraud department, your local police department, and the Canadian Anti-Fraud Centre. Before you file your complaint, gather all the evidence you can, such as receipts, emails, and other documents.
You invest a lot of time, money, and efforts in your business. Protecting it against online fraud is as important as installing an alarm system in a brick-and-mortar store. Make sure you are using the right tools to do it.
Any reproduction, in whole or in part, is strictly prohibited without the prior written consent of National Bank of Canada.
The articles and information on this website are protected by the copyright laws in effect in Canada or other countries, as applicable. The copyrights on the articles and information belong to the National Bank of Canada or other persons. Any reproduction, redistribution, electronic communication, including indirectly via a hyperlink, in whole or in part, of these articles and information and any other use thereof that is not explicitly authorized is prohibited without the prior written consent of the copyright owner.
The contents of this website must not be interpreted, considered or used as if it were financial, legal, fiscal, or other advice. National Bank and its partners in contents will not be liable for any damages that you may incur from such use.
This article is provided by National Bank, its subsidiaries and group entities for information purposes only, and creates no legal or contractual obligation for National Bank, its subsidiaries and group entities. The details of this service offering and the conditions herein are subject to change.
The hyperlinks in this article may redirect to external websites not administered by National Bank. The Bank cannot be held liable for the content of external websites or any damages caused by their use.
Views expressed in this article are those of the person being interviewed. They do not necessarily reflect the opinions of National Bank or its subsidiaries. For financial or business advice, please consult your National Bank advisor, financial planner or an industry professional (e.g., accountant, tax specialist or lawyer).