Written by Paul Clarke, Product Director, Global Payment Acceptance, Barclaycard
Cybercrime is turning into the scourge of the age for anybody that trades online. And yes, I do mean anybody.
It’s easy to think that it’s only the big boys that are at risk. They’re the ones whose data protection breaches make the headlines after all. And anyway, why would anyone want to go after a small player when there are much bigger fish to fry?
Well the truth is that often those cyber gangs aren’t going after the smaller business as such. They are preying on their weaknesses though. We know that they scan the internet for known software vulnerabilities, then look to see which businesses are using that software. They’ll then launch automated attacks – the victim is almost accidental.
Is your website vulnerable to hackers?
Just because you’re not a specific target, it doesn’t mean you won’t be attacked. That’s why every merchant is a potential victim.
I can’t offer much comfort with the stats either. A survey of businesses trading online, commissioned by Barclaycard, shows that 48% have been hit by some form of attack in the last year. Even more shocking, around 10% have been hit more than four times.
Too often this kind of threat goes unnoticed by businesses. That’s perhaps best illustrated by the fact that only 20% see tackling cybercrime as a top priority, according to our survey.
Why is this? Well part of the problem has been that most of them happen under the radar. There is no requirement to report a data security breach, so nobody knows they are happening.
This is changing though. It’s expected that, by 20181, all victims of data breaches will be required by law to make it public if it puts individuals at risk2. That will certainly help to shed some light on the problem and put the security of data centre stage.
But for now, there are steps you can take to give yourself the best chance of staying safe.
What makes an e-commerce site weak?
It’s important to make sure that your website is protected with security software and firewalls. And it’s vital that you keep your systems updated, downloading security updates as soon as they are available. There’s always a lag between a vulnerability being found and the fix being applied, but do try to keep that down to a minimum.
For many, good housekeeping can have a huge affect on business security. For instance, we know lots of merchants don’t change the default passwords on their systems. That’s a big vulnerability right there.
And do you use computers for payments that you also use for non-business activity such as surfing the web? If so, try not to. It introduces additional risk, and you want to keep your business systems away from as much of that as possible.
Don't become complacent
Another personal weakness to guard against is complacency. Nobody thinks they’re being complacent, yet if you assume you’re safe because your payment system comes from a reputable supplier such as Barclaycard, that’s exactly what you are being.
That’s not because Barclaycard's payment systems aren’t secure. They are. But that doesn’t mean there aren’t weaknesses elsewhere in the chain. If you’re holding any personally identifiable information about your customers on your servers, you can prove to be rich pickings for a hacker regardless of how secure the payment process is.
Of course, using a hosted payment page is one of the best ways to secure one vital part of the process. Doing so means you won’t be holding any customer card data yourself, which means it can’t get stolen if you’re attacked.
And in general, just up your awareness and be suspicious. Keep a close eye on your website because, if you do get hacked, you may notice some changes on there. And look out for all the usual dodgy emails and phone calls asking for information.
The way I look at it is like this. You wouldn’t hand over your bank details unless you were certain, so don’t do it for your business.
Speak to us today to find out how we can help your business – 0800 0466814
Please note that the views expressed in this article are personal opinions. Barclaycard cannot accept any responsibility or liability for reliance by any person on this article or any of the information set out in it.
*Calls to 0800 numbers are free from UK land lines and personal mobiles, otherwise call charges may apply. Please check with your service provider. Calls may be monitored or recorded in order to maintain high levels of security and quality of service