Looking ahead to 2019, the Canadian population will spend $39.9 billion online. For these customers, trust is of the utmost importance, so you must ensure that you are providing them with a secure payment processing system. As a start-up, understanding the risks you’re facing is crucial.
The good news is that there are ways to protect your start-up and your customers from credit and debit card fraud. Follow these guidelines to ensure the security of your business.
Security Best Practices
1. Comply with PCI DSS standards
When shopping for a payment solutions provider, you will find that many options are available on the market. Since your business depends on your reputation and integrity, make sure your chosen provider offers solutions that are compliant with the Payment Card Industry Data Security Standard (PCI DSS); it will allow you to continue to grow your business and ensure that cardholder data is secure. The first step is to obtain a TLS (Transport Layer Security) certificate, which is a cryptographic protocol that provides a secure environment for online transactions.
2. Secure your system using the most recent technologies
To reduce the risk of having criminals access your customer data, your payment solutions provider should offer options securing your entire online transaction process. As a best practice, it is recommended that your online payment system does not store personal payment data on a computer or device. The safest solution to deny access for fraudsters is cloud storage of data, combined with encoding processes. The two most widely used technologies are encryption (the process of encoding information in such a way that only authorized parties can access it) and tokenization (a process that converts a payment card number into an alternate sequence called a token, which fraudsters cannot use). Ask your payment solutions provider if it offers such technologies and how it manages security updates to solutions you would be using.
3. Stay up to date with the latest security practices
The PCI Security Standards has published a series of free guides that you can download to learn more about best practices in securing online payments. Ensuring you respect these best practices is a great way to solidify your security system.
Using the Right Tools
If your start-up is the victim of debit or credit card fraud, you should report the incident to your solution provider’s fraud department, your local police department, and the Canadian Anti-Fraud Centre. Before you file your complaint, gather all the evidence you can, such as receipts, emails, and other documents.
You invest a lot of time, money, and efforts in your business. Protecting it against online fraud is as important as installing an alarm system in a brick-and-mortar store. Make sure you are using the right tools to do it.
- Notify your payment solutions provider’s fraud department if you’re a victim of fraud or have a sale you suspect is suspicious.
- Notify your local police department and provide them with all the supporting evidence, such as receipts, emails, and other documents.
- Notify the Canadian Anti-Fraud Centre. They identify trends and alert/prevent fraud by gathering alerts from merchants involving advance fee fraud and internet fraud, as well as criminal intelligence.
- Guide to Safe Payments
- CBC article (quote from Canada Post)
- Global Payments white paper: Navigating Canadian ecommerce environment