Never before have businesses been able to trade so easily with customers around the world. With a top-notch merchant account and fit-for-purpose payment gateway, it’s possible to open the doors of an eCommerce business to millions of potential customers, no matter where they live.
Hand-in-hand with this ease of doing business comes the potential for online fraud. Many people wrongly believe online fraud to be the biggest fraud threat to businesses today, despite research showing in-store fraud 25 times as costly. But it is a threat, all the same.
In this first instalment of a three part series, we look at the four types of fraud of which you should be most aware.
Credit/ Debit Card Fraud
The most common of online frauds, in simplified terms this happens when a card holder’s details are stolen and used to purchase goods or services online. Most cardholders will have separate passwords to help protect themselves from such attacks – for example, the ‘Verified by Visa’ 3D Secure scheme.
As a business, however, you should be monitoring sales and using advanced security tools to monitor for suspicious transactions.
Hacking is illegally gaining access to the control tools and restricted pages of websites. This includes client details and payment pages, and having gained this access a cyber-criminal is then able to extract money from your business as well as place fake orders and, potentially, steal money from your clients.
Using secure hosting, ensuring that you keep your CMS updated on your website, and changing passwords regularly will help to thwart this type of attack.
This is the cyber-space equivalent to a fraudster looking over your customer’s shoulder in a shop. The cyber-criminal ‘listens in’ to electronic communications between your online store and the customer, recording card and personal details.
One of the best ways to prevent this type of online fraud is to use an SSL certificate.
Malicious Code Attacks
In many ways similar to hacking, an attacker may use malicious code to gain control of your system. Most common of these are:
- Spyware, which captures data as it is keyed in
- Backdoor, which allows the hacker to control your computer
- Command and Control, which searches out and executes system commands
How to protect yourself from online fraud
Hacking and Backdoor attacks are the most common form of online fraud. They are highly dangerous to a business, and in attempts to eradicate online fraud, UK businesses must be PCI DSS compliant. This requires a business to conform to a whole range of security measures and standards in order to protect both themselves and their customers.
The best payment service providers use the most modern and sophisticated software and systems to protect their customers, with state-of-the-art payment gateways providing high level security.
Many businesses outsource their payment page hosting requirements, as well as storage of client data, to their payment provider. This enables them to concentrate on their business, while benefitting from their payment provider’s superior security capability.
In the next part of this series, we’ll look at the PCI DSS Standards in a little more detail.