15 Tips for Protecting Your Ecommerce Merchant Accounts from Intrusion

Merchant Warehouse |

November 19, 2010

ecommerce security

Intrusions into your business’ merchant account can cripple your company. The following list gives you the 15 most important risk management procedures that will, if implemented correctly, help you process Ecommerce payments safely and securely. They can also help to greatly reduce the amount of customer disputes and limit your chargeback levels.

1. Train your staff to understand the risk of ecommerce exposure.
Security depends on your business policies as well as how good your fraud detection and prevention tools operate. Other measures to take into consideration are your operational practices, security controls and the kinds of services and products you offer. Your staff should be trained and organized in all aspects of this. They should understand the risks associated with online transactions and be able to implement your established risk management procedures.

2. Establish the right merchant bank and payment-processing provider.
Selecting the right acquiring bank and payment-processing provider is the first step in providing effective risk management support. Your provider should share your concern about online security and customer protection. Customer account protection, including encrypted communications, is absolutely mandatory and must be considered when making your decision.

3. Web site content and development is also an essential tool.
Your website must include your privacy, shipping, return and refund policies. Customers should be able to easily navigate their way through the site without difficulty and understand that they are safe doing so.

4. Focus on risk reduction management.
Establishing sales properly and adequately will allow you to address the customers’ risk concerns. You should indicate or highlight required transaction fields to assure you get the proper information, and verify the card and cardholder data that you receive from your customers over the Internet.

5. Fraud prevention is a key objective, of course.
Implementing a structure for these types of risks can help the profitability of your ecommerce business. The structures created “from the inside out” are the strongest strategies and controls for minimizing fraud and will help you avoid fraud-related losses.

6. Fraud prevention tool utilization must be in place with standardized practices among your staff.
There are many fraud-prevention tools to help reduce your risk exposure. Among the most commonly used are the Address Verification Service (AVS), the Card Security Verification Codes, and the Verified by Visa and MasterCard Secure Code.

7. Screening for fraud prevention, when properly implemented, can greatly reduce fraudulent online card transactions.
Your own business history can teach you where to look first so you don’t have to put undue attention on non-problems. “Staggered screening” means you will do more checking as the dollar amounts of the transactions increase, and can help you minimize fraud for large-ticket items and for high-risk transactions.

8. Merchant accounts are susceptible to “high-tech” intruders.
Taking proactive steps can reduce the risk of criminals hacking as well as their gaining access to your shopping cart or payment gateway and making fraudulent fund transactions.

9. Routing authorizations should be a safe and secure procedure.
Efficiently processing and submitting authorization requests online should be guaranteed safe before you start accepting card payments over the Internet.

10. Prior authorizations need to be implemented with a secure process.
Effectively handling and dealing with approved and declined authorizations before fulfilling an order will assure the transaction is safely completed.

11. Protect your customer’s card information through PCI compliance.
The Payment Card Industry Data Security Standards are put in place for web-based merchants. With these standards, procedures and tools are made efficient for sensitive account information protection. Reliable encryption capabilities for data transmission and effective internal controls are important for protecting stored card and cardholder information.

12. Chargebacks are annoying and unnecessary.
They represent extra processing time and costs; they can in turn hurt your profits and may result in a loss of revenue. Carefully monitoring and tracking chargebacks can enable you to take the appropriate steps to avoid reoccurring ones. You will also need to know your re-presentment rights.

13. Identifying the causes and applying corrective measures
will bring those high levels of chargebacks to a minimum, but the knowledge you gain there is applicable as well to customer returns and other refund-related actions. Learn to spot potential problems before they begin, whether by customer profiling or automated alerts on suspicious activities in your online processing (multiple card submissions after declines, etc.).

14. Use collection agencies as a means to help recover chargeback losses.
They do all of the work for you when it comes time to get nasty against those pesky and often unwarranted chargebacks. Use discretion with this method to discriminate among honest and not-so-honest customers. You do not want to make a mistake here.

15. Finally, it’s all about education.
Go over your security measures often with your staff to assure that you are on the same page. Also, be sure that your customers have an understanding of how the procedures work as well. This will eliminate any confusion. The more the customer knows, the better.

Fraud is an explosive element on the Internet these days. Hackers are as hard as ever at getting into the databases of huge and profitable companies, in order to steal valuable information about their customers. It’s imperative that you have well established ecommerce merchant account security systems in place in order to wage war against hacking criminals. Don’t let your business become another victim.

Remember that you are not alone in this effort. From the beginning of your search for a merchant account provider (if you are still shopping), make security a priority – your security and your customers’ security, too. Choose an account provider who is not only motivated in this area, but has the experience and expertise, too. And if you have a merchant provider that is less on-the-ball about this than you’d like, especially if you are suffering fraud losses, you might want to consider making a change. There is nothing more important than security for your business, when your business is your life.