If you collect credit cards through your website, you need to make sure that the payment information that your clients send to you is secured. Criminals today go to great lengths to try to collect credit card information from unsecured small business websites -- the only way you can protect yourself is through strict security protocols and reliable merchant card processing.
1. Limit Access to Your Merchant Services
It's easy to fall into the habit of letting others, such as administrative personnel, log into your merchant account. But once inside of a credit card processing account, users may be able to charge accounts and complete transactions without your knowledge. Your merchant processing company will usually have granular security access that you can allow, so that users can view charges but not update them. Make sure everyone in your company has the appropriate, limited amount of access.
2. Use a Reliable Credit Card Processor
Not all merchant services companies are made equal. Before you commit to using a credit card processing company you should look up reviews regarding the service and determine whether there have been any complaints through the Better Business Bureau. If only a few people are complaining, it could just be some unhappy customers. But if there are repeated complaints about the same issues, you know that the merchant processor likely has those problems.
3. Never Exchange Payment Information in Plain Text
It can be tempting to complete a transaction through email by simply asking your client for their credit card information -- especially if they have engaged you directly. Instead, however, you should always direct them to either complete their process through your website or over the phone. Otherwise you could become responsible for the breach of their data if someone compromises your email account.
4. Always Use SSL
SSL is a type of encryption that ensures that the data that is sent to your website is encrypted between your user's computer and your website's server. Otherwise someone could be looking at the data that's being transferred and see your user's payment information even if your actual server and merchant service is secured. You can tell whether you're using SSL by looking at your website's URL. If it says "https" you are, if it says "http" you aren't.
While securing your credit card processing can seem complex, it's essential; once this information falls into the hands of criminals, they can steal the identity of your clients and potentially compromise your own accounts. You can ask your merchant services processor for any additional information regarding keeping your system secured. Click here to learn more about website security.