Like it or not, fraud is everywhere. Seasonal peaks such as the January sales are rife for fraud attacks, because companies are either over-worked or understaffed on these days.
However it isn’t limited to special times of the year and making sure that your site is protected against fraud is a key part of setting up any online business.
Read On:
Fraud and cross-border expansion: resolving local issues
Building a trustworthy website
New online trends for 2014
So here are eight tips sourced from across the online security and e-commerce world that will help you keep your self safe and sound.
Use a secure platform
The platform you run your site on is crucial to your security. Make sure that the system you use objet orientated programming and, if it’s a third party service, make sure that your control panel is not accessible through the public facing parts of the hosts servers.
You also have to monitor your site continuously for suspicious activity and make sure that your host and/or platform provider is also doing so. The more eyes on what is going on the better.
Tools such as Tools like Woopra or Clicky are great as they allow for the monitoring of how people are interacting and navigating the site in real time and can alert you via your phone as soon as they spot any suspicious activity.
You must also make sure that your hosting contract includes them regularly policing their own systems for malware and viruses and covers installation of the latest anti-fraud technology.
Layer your security
While it is essential to monitor what is going on and to make sure that your platform provider has the most up to date security technology, you yourself must make sure that you have security in place.
And one of the most effective ways to do this is to layer it: so that you have all the back end security discussed above, but you also have in place firewalls, encryption and secure checkout and payment areas, secure forms and protected email servers all in place to make it as hard as possible for criminals to get in.
Use secure checkout
One of the weak links in any e-commerce system is the checkout. So make sure that yours runs in a secure way using SSL (Secure Sockets Layer) authentication and Transport Security Layer (TSL) encrypt payment data in transit to make it as safe as possible.
This will not only help beat fraud, but can also be a key reason for customers to shop with you.
Address and CVV verification
In addition to secure payments areas, it is wise to employ an address verification system (AVS) and to ask for the card CVV – the last three digits printed on the reverse – and make sure they match at point of transaction to keep card fraud to a minimum.
PCI sweeps and updates
It is always wise to perform regular quarterly PCI scans through services like Trustwave to lessen the risk that your e-commerce platform is vulnerable to hacking attempts.
Also, if you’re using third-party downloaded software like Magento or PrestaShop, stay on top of new versions with security enhancements. A few hours of development time today can potentially save your entire business in the future.
Continually monitor social media
Though hackers can strike in many places, social media accounts are often targeted. Therefore, guarding your brand’s social media accounts is one of the first lines of defense against fraud.
In the weeks leading up to Cyber Monday 2012, BrandProtect found more than 60,000 tweets mentioning the shopping “holiday,” some of which included links to fraudulent sites.
If your business is tweeting about Black Friday or Cyber Monday sales, or retweeting other brands, be sure that any URLs point to legitimate, trusted websites.
Don’t store sensitive data
There is no reason to store thousands of records on your customers, especially credit-card numbers, expiration dates. and CVV2 [card-verification value] codes. In fact, it is strictly forbidden by the PCI standards.
Instead you should purge old records from your database and keeping a minimal amount of data, just enough for charge-backs and refunds. The risk of a breach outweighs the convenience for your customers at checkout and, if you have nothing to steal, you won’t be robbed.
Require strong passwords
While it is the responsibility of the retailer to keep customer information safe on the back-end, you can help customers help themselves by requiring a minimum number of characters and the use of symbols or numbers.
And try and make them pick hard passwords with a ‘password strength meter’ displayed next to the password creating box. You have to do all you can to make them think secure!
Speak Your Mind