Online retailers have two issues to consider pertaining to the acceptance of credit and debit cards from their customers. First, there are the issues surrounding charge-backs. Second, and the focus of this article is the security and privacy issues relating to customer’s credit card data. In the early days of the Internet, it was often difficult to convince customers that it was safe to use their credit card at your web site. Nowadays, most are comfortable with doing so, but with all the reports of stolen identity, this doesn’t mean that your customers don’t still have concerns about the security of their data.
Based on my experiences as an online retailer, I can tell you that there are 7 questions that are asked by customers on a regular basis. Certainly can’t blame customers for their concerns – not only from a stolen credit card standpoint, but from an identity theft perspective as well.
The top 7 questions you’ll likely face from your customers in your online business include:
1. Will you see my credit card information before you process my order?
2. Will my credit card be processed immediately?
If not, who will have access to my credit card information when the order is processed?
3. How may people in your business will have access to my credit / debit card information?
4. How will you store my information?
People are concerned not only about their credit card number, but their name, address and phone number data as well.
5. Will you print out my order at your site with my data showing?
It’s always a good idea to print and store orders. Be sure to set up your software program so that only the last 4 digits of a credit or debit card appear.
6. What steps do you take to keep my data secure? If you store printed copies of my order, where are they stored? Do you have a firewall installed to help protect electronic copies of my data?
Keep all printed order records in a locked storage area with access limited to you or high level trusted employee. Always be sure to have a firewall installed to protect electronic data.
7. Who has access to electronic copies of my data? Are the files password protected?
This is common sense. Be sure to limit access to customers data to yourself and a trusted high level employee only! Ensure that all files are password protected.
8. How are passwords to my account data handled? Who has access to these passwords and how are they secured?
Depending on the size of your business, perhaps it’s only you that has access to this data. If so, keep the access information in your head and keep a hard copy of the access information in a safe off site. If you allow employee access, be sure it’s very limited – perhaps to a single high level and trusted employee.
For further information on keeping your customers data safe and secure, you may want to check out the FTC’s web site at ftc.gov. The e-commerce section of that site is loaded with great tips on helping you in the never ending chore of keeping customers data safe and away from unscrupulous individuals.
