There is no single strategy that can entirely eliminate the risk of a data breach. To provide retailers practical tips on how to improve the security of their customers’ payment card and personal data, we recently wrote this white paper: Beyond EMV: Best Practices for Payment Security.
EMV continues to gain the attention of retailers – mostly driven by the very large number of retailers who are seeing 6-digit monthly charge backs for EMV non compliant transactions. Most retailers who knew they were going to miss the EMV dealine had budgeted for some amount of charge backs. However most retailers are seeing the amount of charge backs far exceed the budgeted amount.
This is a significant challenge and could result in retailers running to EMV and skipping some security opportunities. However, many retailers are finding that moving to EMV, E2EE, and tokenization at the same time is faster than trying to push EMV implementations forward without closing some of their existing payment attack vectors.
Industry best practices dictate that the most effective strategy is a multi-layered security approach. Retailers’ security strategies need to include: integrated EMV-compliant payment terminals, strong e-commerce controls, network segmentation, secure communication protocols, E2EE, tokenization and a thoroughly documented and comprehensive internal set of security policies and practices.
Increasingly, retailers are realizing that simply meeting PCI compliance standards is no longer sufficient to protect customer data. Hackers are becoming more sophisticated, requiring organizations to reanalyze and revamp their current security protocols to adequately protect their customers’ payment and personal data. Retailers who have not implemented these technologies are at high risk, as the likelihood of being targeted by hackers increases every day.
Unfortunately, even as retailers focus their efforts on EMV and increasing data security in-store, fraudsters have recognized gaps in online security and are shifting their efforts to the exploitation of e-commerce sites. Online transactions create a unique set of security challenges. To protect against fraudulent online transactions, retailers must implement a rules-based fraud detection tool, auditing suspect transactions and authorizing legitimate ones.
In addition to providing a best practices comprehensive payment security strategy, this white paper includes recommended “quick wins to beat online fraud.”
Download the complete white paper:
As always, I appreciate your opinions on this topic. Please share your comments below.