According to a 2017 report from Bloomberg, “A World Economic Forum survey of about 750 experts identified massive data fraud/theft [as the biggest technological threat for 2017]”.
Considering some of the major data breaches that big name businesses faced in 2016, it’s easy to see why.
Healthcare enterprise Centene experienced a data breach that affected 950,000 customers, the IRS was hit with a breach that released the personal information of over 700,000 taxpayers, and even the FBI — an organization that frequently pursues cyber criminals who steal sensitive data — wasn’t spared. In February 2016, hackers “dumped” the files of 30,000 FBI and Department of Homeland Security (DHS) workers.
Not all major data breaches in 2016 dealt directly with eCommerce fraud, but those that didn’t beg businesses to consider the financial chaos that could have ensued had the motive been monetary gain. The incidents should also give businesses the impetus to review their eCommerce fraud protection strategies for 2017 to ensure that employee and customer data is actually safe.
eCommerce Fraud Protection in 2017
If an organization like the FBI — which has a consummate understanding of data theft and cyber fraud protection strategies — can have hackers breach its servers, what chance does the average business stand to guard its data against dedicated hackers?
The answer depends on strategies businesses implement and whether the strategies are updated to counter the latest cyber threats. When your business takes the measures below — and keeps IT-based security measures current — you significantly increase eCommerce fraud protection for sensitive information pertaining to customers, employees, and your organization.
1. Implement PCI DSS Compliance
For the security of payment card data, nothing protects eCommerce customers like Payment Card Industry Data Security Standard (PCI DSS) compliance. PCI DSS Compliance has seven control objectives for protecting payment card data that underpin 12 security requirements that must be met to achieve full compliance.
Merchant service providers (MSPs) that offer PCI DSS compliance and additional security options provide a high level of protection against fraud involving card-not-present transactions. As Mobile Transaction reports, “In the U.K., card not present transactions represent 64% of the total credit and debit card fraud, and the number has been increasing in the last decade.”
As a merchant who accepts online card payments, implementing PCI DSS compliance is the best eCommerce fraud prevention measure you can take to protect customers against thieves who swipe payment card credentials.
2. Don’t Permanently Store Card Data
Because thieves can’t steal something that isn’t there, not storing payment card data from customers is the ultimate protection against card number theft. Some business transactions require storing card payment data for a specific period of time (e.g. reserving a hotel room, renting a car, retaining an attorney, etc.). However, after the data serves its purpose, destroying it is the most secure form of eCommerce fraud protection.
In addition to deterring would-be thieves, not storing payment card information can reduce operating costs. If you use a third-party data storage service for card data, you may be able to cancel the account. If you keep the data on-site, you may be able to retire a data silo that holds the information, which could reduce utility and maintenance costs.
3. Use 24/7 IT Network Monitoring
Whether you perform network security monitoring in-house or outsource to a third party, you should establish a plan for monitoring the network around the clock, 365 days a year. Outsourcing this task is usually more cost effective than performing it in-house, largely because third party providers use elite diagnostic software that automatically detects security threats.
The software is designed to detect patterns of malicious activity coming from inside or outside — such as the measures a hacker would take to access a data silo — and alerts you of threats in real-time.
Because hacking isn’t a nine to five job, it’s essential to monitor the network at all times. Imagine showing up for work on Monday morning and discovering a hacker used your website as his digital playground all weekend, defacing the site and thieving data. Using 24/7 network monitoring is a fraud protection measure for eCommerce businesses that prevents this from happening.
4. Use a Specific Computer for Banking
The strategy is listed in a late 2012 report from Forbes on protecting small businesses against cyber crime — and the simple tactic remains valuable more than five years later.
As the United States Small Business Administration (SBA) explains, you can strengthen eCommerce fraud protection by “[Using] a dedicated computer for all your online financial transactions and, ideally, one that isn’t used for other online activity such as social media, email and web-surfing which can open up the machine to vulnerabilities.”
Using a specific computer for financial transactions and accessing financial data goes against the trend of using a single computer for as many applications as possible — at least, that’s what leading smartphone and smart tablet manufacturers seem to want us to do.
However, when you consider how much is at stake — employee data, customer data, and proprietary business data — as well as a damaged public image in the wake of a data breach, this common sense eCommerce fraud protection approach is worth taking.
About Allied Wallet
Allied Wallet is a global provider of eCommerce merchant accounts, personal eWallets, and related services. Our PCI DSS compliant accounts serve 196 countries, accepting 164 currencies. If you need an MSP or eWallet provider that gives you flawless access to the global marketplace and provides ultra-secure transactions, we are your best option.
To learn more about our services and how we support eCommerce fraud protection, call us today at in the U.S. at (888) 255-1137, call us in the U.K. at +44 203 318 8334, or send us an email through our contact form. We look forward to hearing from you and seeing how we can increase the security of your eCommerce transactions.