What Makes Secure E-commerce "Secure"?

If your business operates an e-commerce website, security should be one of your top concerns. Data breaches at major retailers in which millions of customers’ payment information has been stolen have been well-publicized over the past couple of years.

However, just because yours isn’t a Fortune® 500 company doesn’t mean that you couldn’t be targeted by hackers. In fact, cyber-thieves sometimes target small and mid-sized businesses because such firms often don’t have adequate safeguards in place to protect their customers’ payment information.

Here are 4 tips for boosting the security of your e-commerce website and increasing your customers’ confidence when they do business with you online:

1. Make sure your site is in compliance with PCI DSS. This stands for the Payment Card Industry Data Security Standard, which establishes security procedures for merchant credit and debit card processing. If you process, store or transmit your customers’ credit and debit card information, you are required to comply with PCI DSS security requirements.

2. Use a Secure Sockets Layer (SSL) Certificate that incorporates the latest data encryption technology. SSL is the foundation of e-commerce data security, since it encrypts all transmissions of your customers’ payment data so it can’t be read by hackers even if they steal it. Various levels of SSL encryption are available, generally ranging from 128-bit encryption to 256-bit encryption. The higher the level of encryption, the more secure the payment transactions will be.

3. Don’t delay the installation of software security patches. Whenever security patches are offered for software running on your business computers, download and install them right away. It’s often discovered that e-commerce sites that are breached were running old versions of software and code that were vulnerable to hackers.[1]

4. Do not store your customers’ payment information. It is usually not necessary to hold onto your customers’ credit card numbers, expiration dates, CVV2 and AVS codes, and other sensitive payment information once the online sale is completed. PCI DSS specifically states that merchants accepting credit and debit cards are not allowed to store such information.

Bonus tip: Choose your merchant services processor very carefully. Not all processors offer the highest level of SSL encryption or other sophisticated data security safeguards. PNC Merchant Services offers PayeezySM Gateway, a merchant processing payment gateway solution that provides the highest level of cardholder data security, including 256-bit encryption. By acting now and upgrading to PayeezySM Gateway, you will be eligible to receive an extra layer of security delivered through TransArmor® Data Protection tokenization to help protect data at every transactional processing stage. TransArmor Data Protection is included with Clover® Security Plus, but you must upgrade to Payeezy Gateway in order to take advantage of this additional security layer that can significantly reduce your risk to data security issues.

If you have more questions about e-commerce website security or payment gateway solutions offered by PNC Merchant Services, please call us at 888-235-6959.

More Insights eNews

Get helpful articles like this sent automatically to your inbox quarterly.

Subscribe »


Associated Products & Services

Data Breaches are on the Rise

Help protect your customers’ valuable payment card data and improve data security for your business with Transarmor Solution.

Learn More »

Customize Data Files with Data File ManagerSM

Data File Manager is PNC Merchant Services' information reporting solution designed for larger businesses. It allows businesses to generate customized raw data files for reconciliation with their corporate tools and reporting systems.

Learn More »

Remote Check Deposit Solutions

Enhance your PNC experience! With DepositNow you can process receivables faster and deposit checks into your PNC business checking account, any time of the day or night. It’s easy – simply scan, transmit and deposit.

Learn More »

Important Legal Disclosures and Information

  1. 1 http://www.sitepoint.com/5-security-essentials-ecommerce-sites/

Payeezy Gateway is a registered service mark of First Data Corporation

TransArmor is a registered trademark of the First Data Corporation in the United States and other countries.

The Clover® name and logo are owned by Clover Network, Inc., a wholly owned subsidiary of First Data Corporation, and are registered or used in the U.S. and many foreign countries.

Merchant Services provided by PNC Merchant Services Company and are subject to credit approval. PNC Merchant Services is a registered trademark of The PNC Financial Services Group, Inc.