3 Credit Card Security Questions You Must Ask Your Payment Processor

Posted by Jayme Moss on Dec 9, 2014 12:39:58 PM

Credit card securityDo you remember the magic eight ball as a kid?  Does he/she like me? "It is decidedly so!"  Will I pass my exam next week?  "Ask again later." Will the Browns win the Superbowl?  "Outlook not so good."  

But we are no longer in high school, and while some of those questions and answers are still surprisingly relevant, today's questions for merchants should without a doubt be about credit card security.  Because in today's world of card transactions, merchants cannot be too careful.  We are constantly bombarded with news from retailers, both large and small, of hacks and attempts that can cost both consumers and merchants dearly.  It warrants taking a minute to analyze your existing card security, and ensure your payment processor is "on the ball" (no magic required).  

Here are 3 questions every merchant should be asking their payment processor:

  1. Does your risk management system track anomalies or trends that are unusual to my business?
    "WITHOUT A DOUBT!"  There are many different ways merchants are defrauded, whether it be internal or external fraud. For example, a credit or refund without a corresponding sale should trigger a discussion and flagged as possible internal fraud. An external case may be that fraudsters are using your website for card testing.  Card testing is where your gateway is used to test the validity of stolen cards by stealing your gateway credentials. This type of fraud can costs merchants thousands in authorization and gateway fees -  there are times that fraudsters send tens of thousands of card numbers to be testing in a period of a month, before you even realize it is occurring! The problem- Visa and Mastercard will still bill their transaction fees no matter what in these cases.  Having a risk management system alerts you to these anomalies before they cause serious monetary harm is crucial. 

  2. Can you help us remove cardholder data from our systems and applications with tools like tokenization and Point-to-Point Encryption (P2PE)?
    "SIGNS POINT TO YES!"  It is important that your processor provide you access and guidance on using P2PE hardware and tokenization solutions to remove this data from your systems. This not only eliminates the threat of a breach, but it also reduces the time you spend annually on your required Self-Assessment Questionnaire.  

  3. Do you have in-house developers that can assist with the integration, configuration and testing of a new payment application or payment application upgrade?
    "YOU MAY RELY ON IT."  Implementing more advanced security tools like Point-to-Point Encryption and tokenization tools can be daunting for merchants with limited IT time to dedicate to a project of this magnitude. Look for a provider that has the expertise to give you this support to take out the complexity. Also, make sure they offer options, as there are many flavors of encryption and tokenization solutions in the marketplace today. Some have their benefits and operational pitfalls that you may find out about all too late in the day.

Ask the Solupay Experts

Go ahead and test us.  Our card security experts stand behind our robust product offerings, and will deliver the accurate responses you need to be confident in your own card security.  With Solupay, your "Outlook is good!"

Get more information about Security Concerns

Topics: Online Fraud, P2PE, Card Security