1-855-360-5360 (TOLL FREE) 

What you should know about payment security

11/29/2015   category: EMV Migration

ecurity should be a top priority for every business. While many headlines about data breaches usually focus on large retailers, like Target Corp. and The Home Depot Inc., there are numerous data breaches and fraud instances that we don't hear about, especially those that happen to small and midsize businesses.

According to a recent Kaspersky Lab study titled "Damage Control: The Cost of Security Breaches,"http://media.kaspersky.com/pdf/it-risks-survey-report-cost-of-security-breaches.pdf, over 90 percent of respondents had experienced at least one security incident.

One data breach could cause a small business to go under. That's why it's critical for industry professionals to have an excellent grasp of payment security and how it works in new technologies. Here's a look at the different payment methods and the security behind each one.

Swiped cards

When making an in-store purchase, you're used to quickly swiping your credit card. As you probably know, this recently changed, and swiping cards will soon become the old way to pay. Although swiping is on its way out, it's good to understand the security behind this method so you can explain the advantages of Europay, MasterCard and Visa (EMV) chip cards.

Mag stripe cards use the same technology as cassette tapes ? showing just how far behind the United States was before EMV came into play this year. Data is stored within the stripe on the back of the card, and it contains the consumer's account information. That same data is used repeatedly for every transaction, making it easy for hackers to pull this information off the card and use it to create a duplicate card. Fortunately, the United States has implemented chip cards to make in-store credit card payments more secure, but it'll be a while until swiping is completely gone.

Chip cards

With the liability shift now in effect, chip cards are the new way to pay. Each card contains a microchip that creates a unique token each time it's used during a transaction. This makes it nearly impossible for a criminal to create a counterfeit card to use during an in-store purchase.

When a consumer inserts a card into the EMV slot, also known as "dipping," the data is encrypted and a unique token is created, so even if a hacker were to access a consumer's information, the token displayed wouldn't be tied to the actual card.

During an EMV transaction, consumers are prompted by the terminal to either provide a signature or enter a PIN for verification. In some cases, transactions may not require either, depending on the total purchase amount. Currently, the majority of chip cards issued in the United States require signatures, not PINs. However, if a chip card is stolen, it's much easier to forge a signature than to guess a PIN. Given that PINs enhance security and most of Europe is already using PINs, it'll be interesting to see if the United States eventually changes its approach.

Mobile payments

As new mobile payment services enter the market, mobile payment adoption continues to rise. The technology behind mobile payments is called near field communication (NFC), which enables two-way communication between two devices that are within a few centimeters of each other. Data is transmitted wirelessly. With NFC, consumers can complete transactions with a simple tap of a mobile phone. When paying with Apple Pay or Android Pay, consumers are required to enter a password or scan their fingerprints for verification. This enhances security, making it almost impossible for hackers to steal information or make fraudulent transactions.

In newer mobile devices, such as the iPhone 6S, a chip or "secure element" authenticates each purchase and completes the transaction. Similar to chip cards, a unique token is created in place of consumers' information when the data is transmitted. Employing the chip, unique code and touch technology makes it extremely difficult for hackers to access consumers' information.

Another factor to consider is that most consumers are attached to their phones, so even if a mobile phone were stolen and a hacker attempted to make a purchase, it's likely the phone would have already been reported stolen. With credit cards, it takes consumers longer to realize when they are lost.

Security should be top of mind to protect your merchants' data and that of their customers. When speaking with potential and existing merchant customers, explain the differences in security to help validate why they should adopt new technologies for their businesses. With the enhanced security and more consumers using new payment methods, there's no reason to avoid new technologies.

Source: greensheet.com




EMV Migration
Merchant Benefits
Mobile Payments
Near Field Communication (NFC)
Industry Trends
Marketing



2016 payment trends - What's to come?

EMV liability shift: Who's liable for what - and when?

Restaurants adjust to EMV tipping

EMV observations at the liability shift

What you should know about payment security



 January 2016
 December 2015
 November 2015
 October 2015
 September 2015
 August 2015
 July 2015
 June 2015
 May 2015
 January 2015
 November 2014
 October 2014
 September 2014
 May 2014
 April 2014
 March 2014