Entries tagged with “data breach”.


As a small business owner, you need to know about every little thing that happens in your company. You need to know about inventory, profit margins, marketing, and employee retention to name a few. Whether you accept payments online, with a smartphone, or in a brick and mortar store, accepting payment from customers is a vital part of becoming profitable. Here are three payment terms you should know.

1. Chargebacks

Chargebacks happen when customers file a dispute with their bank or credit card provider about a charge they disagree with. The disputed charge might be a result of technical or clerical error (being charged twice or charged the wrong amount) or it might be a quality issue, where the goods received are not what was purchased. The most common reason for a chargeback, however, is a fraudulent transaction. Chargebacks can protect customers from fraud, identity theft, and error, but if they are abused they can cause problems for your business. To avoid chargebacks you should gather detailed information from the customer, (billing address, shipping address, etc.) and be as accurate as possible in all your record keeping. Providing fantastic customer service and making your customers fully aware of your return policy can also help prevent chargebacks.

2. EMV/Chip Cards

EMV stands for Europay, MasterCard, and Visa who banded together to set standards for authenticating credit and debit card transactions. Together they formed a company called EMVCo that promotes the use of “smart cards”. Smart cards contain a micro-chip that can hold far more information than a traditional magnetic stripe. Because a smart card can hold more information, they can support multiple methods of authentication, making them more secure than a magnetic stripe alone. Instead of relying solely on matching a signature with a card, EMV cards require the use of a PIN. This PIN can be authenticated either online, with the PIN being encrypted and verified in real time, or offline, with the PIN being verified by the EMV card itself. While EMV cards are far more secure than the standard magnetic stripe cards, that doesn’t eliminate the need to have data security. EMV cards are common in Europe, and are becoming more common in the U.S. In October 2015, several major credit card providers including American Express, Visa, MasterCard, and Discover will be implementing a liability shift for point of sale terminals. This liability shift means that merchants and card issuers not using EMV compliant cards assume liability for all fraudulent transactions. If you want to be on the cutting edge, you might consider figuring out how to accept multiple payment methods, so you can still accept magnetic stripe cards as you and your customers upgrade to the more secure EMV cards.

3. Magnetic Stripe Cards

Magnetic stripe cards are the most common type of card in the U.S. However, since these cards rely on a visual authentication via a small hologram and the cardholder’s signature, these cards are far from secure. These cards are easily counterfeited and far more likely to result in security breaches so it is vital to secure your financial information to protect yourself and your customers. A good payment processor will keep customer financial data secure, even with the less secure magnetic stripe cards. While magnetic stripe cards are far from the most secure method of payment, they are still the most common payment method, so you can’t just default to accepting only the more secure types of payment. New payment methods like the EMV card, Apple Pay, and Google Wallet are becoming more and more common. Being able to accept these newer, more secure forms of payment while still accepting magnetic stripe cards is becoming a necessity.

Knowing these three vital payment processing terms can help you protect yourself and your customers’ financial data. It will also keep you on the cutting edge and help you know how you need to prepare for the future.

About ProPay

Since 1997, ProPay has provided simple, secure and affordable payment solutions for organizations ranging from the small, home-based entrepreneur to multi-billion dollar businesses. ProPay is a leading provider of complete end-to-end payment security solutions that reduce, and may even eliminate, an organization’s risk of having sensitive payment data compromised. ProPay can help you:

  • Enable merchants to quickly begin accepting credit and debit cards through instant underwriting
  • Secure payment data
  • Reduce compliance obligations
  • Reduce overall transaction costs
  • Enable companies to ACCEPT and MAKE payments in multiple international currencies

At least one, and possibly two, cybersecurity breaches have recently affected one of the nation’s largest wealth management firms.

A new financial advisor, recently promoted after undergoing years of training, stole customer information from the firm’s data system. More than a quarter of a million clients of the firm had their names, account numbers and the amount of money in their accounts posted on an online data sharing site, with a subsequent offer to sell the information for a particular amount of bitcoins (online digital currency).

The suspect in the case purportedly downloaded client information by running internal reports on the firm’s wealth management clients. He subsequently transferred the information to his own personal devices. Investigators discovered the data after retrieving the employee’s personal computer from his home.

While the advisor admits to obtaining the data, he claims he did not post it, nor put it up for sale. Some investigators have postulated that hackers stole the data after he placed it on his personal devices, resulting in two separate breaches affecting the same group of individuals.

In response to the data theft, the wealth management firm has now limited employee access to client information, so that large amounts of information regarding the firms’ clients will no longer be available to any one individual.

According to cyber security experts, a cautious approach regarding data access is the best. Rogue employees are one of the most difficult threats to detect, and a “cloak and contain” policy, allowing individuals only the amount of information they need to do their jobs, is the best way of to keep client data safe.

To learn more how to protect your customer’s credit card and payment information feel free to contact ProPay. Call 888-227-9856 or email marketing@propay.com.

Fraud prevention can seem like an overwhelming subject for those who run small businesses, especially if they’ve just opened up shop. Fortunately, there is no need for the massive layers of security or huge teams that are often associated with giant companies. Instead, fraud prevention for small businesses is best done by using common sense and a careful eye.

Find Out What Country Orders Really Came From

This is a big help for preventing fraud. Sometimes, an order will come through that seems to be from a legitimate location, but something might seem just a bit amiss. Perhaps the order is for more items than are usually sold, or there’s a comment in broken English, or there’s some other tip-off that all is not what it seems. That’s when you need to use the IP address of the customer to see where the order really came from. If your shopping cart software provides this information, just copy it and paste it into a reverse IP lookup site. A Google search will reveal plenty such sites. Once you enter the IP into the lookup site, the site will tell what country it’s located in. Don’t ship if it isn’t the country the customer gave in the order.

Check Your Records

If someone irately writes you demanding a refund, do a simple record check and make sure that the person ordered anything from you. Sometimes it’ll turn out that they did not. Of course, a dedicated criminal won’t just go away when you tell them that, so your next step is to tell them that you don’t give refunds until you have the item back. Don’t let them wear you down on that policy. Refunds given before items arrive are nothing but gifts for criminals.

Use a Merchant-Friendly Payment Processor

Many criminals work their frauds by demanding refunds from their credit card issuers instead of from you. Some payment processors always mindlessly side with the “customer,” and crooks take massive advantage of such policies. Look for a processor that is not so “customer-centric” that they end up becoming your adversary. Of course, you’ll still need proof that you upheld your end of the deal, so be sure to use trackable shipping.

For more tips on fraud prevention, just contact us. We’ll be glad to help you thwart criminals and ensure that all of your merchandise is not only bought, but paid for.

Starting a business can be hectic. There’s a tsunami of administrative tasks to do, such as getting licenses and any needed office space. You also need to set up contracts with suppliers, figure out how you’ll ship everything, and of course, find a way to accept payments. With all of this going on, it’s easy to make financial mistakes that can cost a surprising amount of money. Keep these small business financial success tips in mind to prevent surprise losses before and after you open your doors:

- Don’t buy a huge amount of stock on speculation. While some wholesale deals require you to buy in large quantities, you don’t have to pick one of the largest quantities. It’s better to start by purchasing a minimal amount of stock so that you can see which options actually sell. When you’ve found out which items are the clear winners in your market, you can go ahead and up the amount you buy from your suppliers.

- Avoid high-cost merchant accounts. Not long ago, there was only one real way to accept credit card payments at a business. You would have to get a merchant account with a payment processor. This typically involves a variety of fees that can easily destroy a start-up’s profit. These setups typically have statement fees, transaction fees, set-up fees, gateway fees, and a grab bag of other fees that add up to substantial amounts each month. Now, accepting payments for your business has never been easier or more affordable. With some of the most modern processors, you can accept credit cards and checks, set up subscription payments and more – all for one low annual fee and a reasonable per-transaction charge. Even better, these solutions aren’t just for e-commerce sites. They work through a variety of physical methods, as well.

- Get professional tax advice. There is a huge amount of misinformation about what can be deducted, how much tax has to be paid, how to handle taxation on employee wages, and other things concerning how taxes affect small businesses. To get the real facts about how your taxes need to be handled, hire a tax accountant and have him or her explain everything. Of course, the accountant can prepare your return as well.

For more ways to save money and avoid financial mistakes with your new business, just contact us. We’ll be glad to help you avoid high merchant account fees and other pitfalls.

A major internet service organization recently found itself the victim of a cyber security breach regarding financial data.

The company fell prey to hackers by a spear-phishing attack. Spear phishing is the attempt to get corporate information by sending an e-mail message that appears legitimate. The fraudulent message sometimes asks the recipient to click on a link to verify information. Instead, that link can download spyware, Trojan horses, or malware. That’s what was believed to have happened in the breach; employees clicked on links in an e-mail that apparently led to the installation of malware.

Besides giving the hackers access to e-mail, the scam also compromised content management systems, internal communication systems, and the company’s data system for managing domains. Security enhancements implemented months ago, by the firm, likely limited the unauthorized access sought by the hackers.

While this company will no doubt be more vigilant guarding against future spear phishing scams, there’s a lesson here that businesses of any size and type can impart to their own employees: Don’t click on links in e-mails that looks suspicious, particularly if the message is asking for information.  To learn more, contact us here at ProPay.