business.com receives compensation from some of the companies listed on this page. Advertising Disclosure

Home

11 Ways to Help Protect Your Company (and Customers) When Taking Payments Online

Scott Gerber
Scott Gerber
business.com Member
Updated Jan 29, 2021

A security incident could cost you time and damage your reputation. Here's how to protect your customers and your brand when accepting online payments.

In today's digital world, there are many hazards that you and your company members must work together to prevent. After all, problems can develop as quickly as clicking a link in an email.

So, how can you defend against online breaches in security when threats are so pervasive? What are the best ways to improve online security? To find out how you can better protect your business, we asked 11 entrepreneurs from YEC to weigh in on their best ways to improve online security, especially regarding payments. Here's what they advise.

Editor's note: Looking for a secure credit card processing service for your business? Fill out the below questionnaire to have our vendor partners contact you about your needs.

Which online payments are the most secure?

Among the most secure online payments are:

  • Credit cards. For small business owners, credit cards are especially secure since payment compliance standards (also known as payment card industry compliance or PCI compliance) regulate their use. Your customers will also benefit from credit cards since purchases made on a credit card do not immediately withdraw money from the customer’s bank account. Instead, the money initially comes from the credit card company, not the customer. 

  • Debit cards. Small business owners also benefit from accepting debit card payments since they too are governed by PCI compliance. Debit card purchases are additionally among the most secure online payments for customers since, in some cases, debit card use from an unfamiliar IP address can trigger identity verification measures with the customer. Additionally, neither Visa nor Mastercard debit and credit cards hold customers accountable for unauthorized payments.

  • Wire transfers. In cases when both your company's bank and the customer's bank are reputable institutions, wire transfers are usually secure online payments. That’s because a bank with a strong reputation presumably lacks an extensive history of data breaches and other security gaps, thus suggesting this bank has active safeguards in place against fraud and other security concerns.

  • Mobile wallets. Digital wallets such as Apple Pay and Amazon Pay are widely seen as among the most secure online payment methods available. Customers benefit from these pay forms' masking of credit and debit card numbers, and your company benefits from these payment types since your customers must use a fingerprint or PIN to verify their purchase. This approval eliminates the chance that your company accepts fake credit cards since mobile wallets cannot function without being linked to a real debit account.

Now that you know which online payments are the most secure, read through the following expert tips to keep your online operations safe and sound:

1. Use two-factor authentication.

"Having two-factor authentication is crucial, especially when it comes to accounts throughout your social media. If someone has access to any of your accounts, they basically have access to your financial payments attached to them as well. Having your two-factor authentication will secure every login you make. It'll notify you whether it's being accessed from another device you're unfamiliar with." – Fritz ColcolABN Circle 

2. Use third parties for storing sensitive information.

"One of the highest-risk activities is storing credit card numbers. We frequently suggest using a third-party transaction partner that will also take responsibility for storing payment details, thus removing significant risk." – Ryan D MatznerFueled

3. Choose a secure e-commerce platform.

"Choosing a secure e-commerce platform like Shopify will give you added security and peace of mind. You as a business owner won't be solely responsible for detecting threats and providing security: You'll have a third party to help you out and keep you safe, too." – Blair Williams, MemberPress

4. Buy cyber liability insurance.

"As more personal information is being collected and stored through online transactions, the risk to organizations who are collecting personal information and payment information online is growing exponentially. Investing in cyber liability insurance coverage, along with proactive security measures, helps offset the financial impact of a data breach and the legal costs that arise from it." – Brian GreenbergLife Insurance Quotes 

5. Use a personal verification system.

"For high-ticket items, it may be worth taking a look at a personal verification system. For example, Airbnb uses this technology by allowing users to verify themselves with a driver's license or passport. Users that are verified are able to book rooms immediately without having to wait for confirmation." – Syed BalkhiWPBeginner

6. Don't store customer payment data.

"One of the easiest ways to improve your online security when taking payments is to get rid of any payment data as soon as the transaction is complete. If you do need to store payment data, then you can protect it from intruders by using a private network to store it." – Chris ChristoffMonsterInsights

7. Get an SSL certificate for your site.

"A lot of small businesses may overlook security because they think they won't be a target, but small businesses are often the most targeted when it comes to credit card breaches. So make sure to get an SSL certificate for your site. It will protect your website and your customers' valuable information." – John Turner, SeedProd LLC

8. Ensure PCI compliance.

"SSL protocol is the best way of ensuring that the payments made on your website are secure. SSL certificate implies that all customer information is encrypted and reduces the risk of exposure by cyberattacks. Make sure you comply with Payment Card Industry Data Security Standards (PCI DSS) to ensure an additional layer of security and thus establishing trust." – Rahul VarshneyaArkenea

9. Educate users about the importance of VPNs and security.

"While there are many things a site can do to protect user data, like using SSL or storing data in the cloud, it's important to keep your customers well-informed as well. By using a VPN, security software and updated browsers, these can also help limit the possibilities for customer data to be lost or stolen. This information can be posted on your site or through a monthly newsletter." – Zac JohnsonBlogger

10. Ensure your hosting provider has safeguards in place.

"In today's digital world, you have to take extended security measures to accept online payments. First, you want to make sure your web hosting provider has safeguards in place for this scenario. Secondly, you need to make sure you have Secure Socket Layer protection to encrypt any data that gets inputted to your site. Thirdly, get a service like Cloudflare to protect from any DDOS attacks." – Jared WeitzUnited Capital Source Inc.

11. Watch for patterns.

"When it comes to online purchases, you will find patterns of fraud. Most likely, your third-party payment processor has this security in a place where you can rest easy, but every now and then a fraudulent order may slip through the cracks. You'll start recognizing patterns, so write them down and train new employees of these patterns to watch out for." – Jared AtchisonWPForms

Additional reporting by Max Freedman.

Image Credit: Jirapong Manustrong / Shutterstock
Scott Gerber
Scott Gerber
business.com Member
Scott Gerber is the founder of Young Entrepreneur Council (YEC), an invite-only organization comprised of the world’s most promising young entrepreneurs. In partnership with Citi, YEC recently launched BusinessCollective, a free virtual mentorship program that helps millions of entrepreneurs start and grow businesses. Gerber is also a serial entrepreneur, regular TV commentator and author of the book Never Get a “Real” Job.