Keeping a customer’s payment information private should be one of the biggest concerns for all business owners. There’s nothing worse than a security breach that involves the loss of credit card numbers and other billing information. Small business owners can take several steps to ensure customer data is kept private including encryption, authentication procedures, and PCI compliance.
Pick a Reputable Payment Provider
A virtual credit card terminal should be just as secure as processing a payment at a retail store. For starters, do as much research as possible before picking a payment provider. This includes reviewing the company’s security procedures, reading online reviews, and comparing with other services.
Payment providers with consistently negative reviews should be avoided, especially those with complaints about security breaches. Although security may come at a premium over the less expensive providers, customer security is worth the added cost.
Look for PCI Compliance
It’s a good idea to look for a provider that meets the Payment Card Industry Data Security Standard for accepting payments online. Check with Visa and MasterCard to ensure that the provider meets their certifications, or check directly with the provider for proof of PCI compliance.
Once you’ve found a provider that is PCI compliant, it’s important to check at least quarterly to ensure they are maintaining compliance. If the small business itself is not capable of maintaining PCI compliance, look for a payment provider that hosts the services in-house. This means all credit card processing, storing, and transmission of data is done by the payment provider’s systems.
Offer Self-Authentication Services
Both Visa and MasterCard allow customers to authenticate purchases themselves on participating websites and e-commerce stores. With MasterCard SecureCode or Verified by Visa, shoppers must verify their card details and enter a password they’ve created before the payment is actually processed. This helps you offer customers a piece of mind and prevents unauthorized users from making purchases on a stolen credit card. Customers must have set up the service with their credit or debit card before the service can be used.
Test the Payment Process
Avoid future problems with payments by testing the payment service before accepting live payments. Any reputable payment provider will allow business owners to walk through the process including adding items to a shopping cart, entering billing details, and processing a payment through the system.
Make sure that everything works smoothly and that an order confirmation is received once the payment is processed. It’s also a good idea to make sure the information is being transmitted securely through an encrypted server, and that the page layout matches the rest of the website.
It’s your responsibility to ensure that payments are processed correctly and securely, and that the payment provider maintains PCI compliance throughout the relationship. Research should always be conducted before choosing a payment provider, and testing should verify that everything works correctly before accepting live payments.