How to keep your customers information secure when taking payments online
Australians are becoming more concerned with how their data is handled by companies, according to a 2019 report on the State of Security in the eyes of Australian Consumers.
The level of payment security a business has influences who chooses to purchase from them, how customers purchase from them, and how much they spend. The report revealed 74% of Australian consumers say their confidence in a business’ data security influences whether or not they spend money with them. Even worse — 43% of consumers will never return to a business post data breach.
The security measures you can do in under 10 minutes to protect your business
PCI compliance - what are your responsibilities?
Not only is information security important for protecting your business’ payment data, but it can also help minimise customer churn and support vital recurring revenue streams.
There are two parts to protecting your customers’ payment data:
1. Ensuring you are following the PCI compliance standards on your end
2. Partnering with a company that prioritises data protection by upholding PCI compliance standards. Ezidebit holds the highest level of PCI compliance, Level 1, meaning that every transaction processed by us is secure.
How to ensure you are following PCI compliance standards
You need to take steps to ensure there is no information in your business ecosystem that’s at risk of being stolen or hacked. The best way to start taking proactive measures is by scoping out the requirements of PCI-DSS. You can read about the PCI-DSS standards here.
The Payment Card Industry Data Security Standard (PCI-DSS) is an information security standard for organisations to ensure the protection of sensitive cardholder data.
Look at your data security practices, do you have policies and procedures in place to ensure you’re handling payment data safely?
If you’re not sure where to start, we recommend you review the following four areas first:
Phone: Make sure your phone system does not capture card data through voice recording or other data capture means
Physical records: Ensure physical copies of your customers’ information are destroyed or shredded when they are no longer needed
Emails: Always delete any emails containing sensitive information and look at other secure ways you can collect customers’ payment details
Computer and website: Ensure your website and computers are protected by up-to-date anti-virus software and firewalls
This infographic clearly outlines where your responsibilities lie as a business and how partnering with Ezidebit can help you meet your PCI compliance.
Reassure your customers that you take data security seriously. Let them know the measure and policies you have in place to protect their data.
Partner with a secure third party payment processor
Investing in an eCommerce payment solution that complies fully to PCI-DSS requirements is the best way to ensure that your customers’ data and financial security is protected.
PCI-DSS authorised payment options are significantly more secure than non-compliant alternatives, thanks to a range of sophisticated data protection techniques. This includes firewalls, encryption, ongoing scans and evaluations, penetration testing assessments and high-tech monitoring solutions.
Ezidebit holds the highest level of PCI compliance, Level 1, meaning that every transaction processed by us is secure and you can feel confident your data is protected.
Our program — the Merchant Trust Initiative — is designed to help business owners like you navigate cybersecurity. The program equips you with the right tools and resources to ensure you are handling and managing cardholder data securely, and enhancing overall security within your business.
Beyond PCI Compliance
While complete PCI-DSS compliance is important, security needs to be a daily priority that’s built into your business practices, too.
Rather than simply seeking compliance with the PCI-DSS standards, businesses should consider security strategies in all of your business processes. This requires a daily coordinated focus on people, process and technology, and to be part of your Business As Usual (BAU) tasks.
But the first step should be to access a payment partner that adheres fully to PCI-DSS. Get in touch to talk to one of our security experts.