If your business operates an e-commerce website, security should be one of your top concerns. Data breaches at major retailers in which millions of customers’ payment information has been stolen have been well-publicized over the past couple of years.
However, just because yours isn’t a Fortune® 500 company doesn’t mean that you couldn’t be targeted by hackers. In fact, cyber-thieves sometimes target small and mid-sized businesses because such firms often don’t have adequate safeguards in place to protect their customers’ payment information.
Here are 4 tips for boosting the security of your e-commerce website and increasing your customers’ confidence when they do business with you online:
1. Make sure your site is in compliance with PCI DSS. This stands for the Payment Card Industry Data Security Standard, which establishes security procedures for merchant credit and debit card processing. If you process, store or transmit your customers’ credit and debit card information, you are required to comply with PCI DSS security requirements.
2. Use a Secure Sockets Layer (SSL) Certificate that incorporates the latest data encryption technology. SSL is the foundation of e-commerce data security, since it encrypts all transmissions of your customers’ payment data so it can’t be read by hackers even if they steal it. Various levels of SSL encryption are available, generally ranging from 128-bit encryption to 256-bit encryption. The higher the level of encryption, the more secure the payment transactions will be.
3. Don’t delay the installation of software security patches. Whenever security patches are offered for software running on your business computers, download and install them right away. It’s often discovered that e-commerce sites that are breached were running old versions of software and code that were vulnerable to hackers.
4. Do not store your customers’ payment information. It is usually not necessary to hold onto your customers’ credit card numbers, expiration dates, CVV2 and AVS codes, and other sensitive payment information once the online sale is completed. PCI DSS specifically states that merchants accepting credit and debit cards are not allowed to store such information.
Bonus tip: Choose your merchant services processor very carefully. Not all processors offer the highest level of SSL encryption or other sophisticated data security safeguards. PNC Merchant Services offers PayeezySM Gateway, a merchant processing payment gateway solution that provides the highest level of cardholder data security, including 256-bit encryption. By acting now and upgrading to PayeezySM Gateway, you will be eligible to receive an extra layer of security delivered through TransArmor® Data Protection tokenization to help protect data at every transactional processing stage. TransArmor Data Protection is included with TransArmor Solution, but you must upgrade to Payeezy Gateway in order to take advantage of this additional security layer that can significantly reduce your risk to data security issues.
If you have more questions about e-commerce website security or payment gateway solutions offered by PNC Merchant Services, please call us at 888-235-6959.
Payeezy Gateway is a registered service mark of First Data Corporation
TransArmor is a registered trademark of the First Data Corporation in the United States and other countries.
Merchant Services provided by PNC Merchant Services Company and are subject to credit approval. PNC Merchant Services is a registered trademark of The PNC Financial Services Group, Inc.