With the Public Policy Exchange hosting a conference this week to discuss cyber security, what better time to discuss how business can protect their payments systems.
74% of attacks on retail, accommodation and food services companies target payment card information because the data is easy to convert to cash, and therefore the preferred choice of criminals. Every stakeholder from the police, to industry, businesses and government representatives will be meeting today, underlining the need for all parties to work together to lower the risk of security breaches. The same applies within organisations, which is why we think knowledge about best practice must be shared widely across all businesses.
Every year we see business security breaches, which result in the loss of personal data and negatively impact consumer confidence. The knock on impact of this is not only cost of a breach to the business - an average of £2.21m in 2015 - but increased customer churn, as consumers are becoming more aware of payment and data security and voting with their feet.
Payment security is high on the public agenda. A third of adults in the UK avoid contactless when shopping because they don’t trust the technology. This rises to 43% of the over 55s, compared to just 22% of under 35s. As the industry moves towards mobile payments, we have seen this issue develop, particularly among older consumers; half the average adult view (20%) and considerable below the under 35s, a third (36%) of whom think mobile payments are 100% secure.
Furthermore, across all age groups, half of all those surveyed are concerned about how their personal information will be used when making mobile payments. With attitudes like this, it is clear that the payments industry is facing problems as a result of consumer security concerns.
In an effort to address shopper fears, and increase trust and usage, businesses must ensure they invest in the best security solutions. By having the optimal procedures in place, they will be able to assure their customers that they are dealing with the issue head on.
To help with this task, here are our top tips for securing payments systems – as recommended by the PCI Security Standards Council:
Prioritise password security
Malware attacks will primarily target back-office computers, looking for weak or default passwords. Introducing a policy across the business to change passwords quarterly will help reduce the risk of a security breach.
Update anti-virus software
In a retail store and other fast moving business environments, it is easy to put off admin such as performing software updates. However, it is important that businesses encourage staff to update their technology regularly, as it reduces the risk of customer data becoming compromised, and prevents the resulting impact on business revenue and customer relationships.
Secure payments networks with encryption
One of the most effective ways to protect sensitive information is to encrypt data at the Point of Sale. Vodat’s Unified Payment Solution enhances security even further by removing and encrypting customer card data from the merchant network altogether – storing it in a secure data centre.
Work with trusted third parties
A business’s internal security protocol can be watertight, but third party vendors could still be introducing weaknesses in the payments network. To ensure customer security, businesses must check they are working with organisations that implement the latest data protection standards, as outlined by the PCI Security Standards Council.
To find out more about increasing payment security, contact Vodat