‘Tis the season for mistletoe, stockings, polar bear commercials, wish lists, hot chocolate, and credit card fraudsters.
Sales during this winter holiday shopping season are projected to increase by 4.1 percent over last year, according to the National Retail Federation. Furthermore, the 2012 Accenture Holiday Shopping Survey found that consumers will spend an average of $582 on gifts this season, and 52 percent of shoppers will increase their spending by at least $250.
Many of those gifts will be purchased using credit cards. Thirty-three percent of shoppers plan to charge their gifts on a credit card, according to the Accenture survey.
The surge in credit card transactions this time of year means hackers and scammers will work overtime to cash in on all the action. Here are a few tips to help merchants ensure that, even if scammers leave their mark on the holiday season, it won’t be at the expense of their businesses or their customers:
1. The Grinch couldn’t have stolen anything if the Who’s had been PCI-compliant.
It is imperative (and required) that any business accepting credit or debit cards be Payment Card Industry (PCI)-compliant. Perhaps the easiest way to lose customers is to allow their payment information to be pilfered when shopping at your store or your online website. Maintaining PCI compliance not only helps to plug security holes, but also serves to significantly dampen the effects of a breach.
2. Encrypt your payment information, not yourgreeting cards.
Whether your organization is PCI-compliant or not, fully encrypting all points of payment is paramount to keeping vital company and customer information from being hacked. The technical term for this is end-to-end encryption, and it essentially boils down to scrambling the data sent from one device to another. A company’s mobile payment devices, credit card terminals, software applications, and online payment portals need built-in encryption functionality when transmitting customer information.
3. Take a look around and observe all the holidays have to offer.
Scammers will often attempt to tamper with an organization’s credit card terminals in an effort to steal credit card information, often with a small device attached to the terminal itself. Alert your employees to the possibility of this occurring, and remind them to regularly conduct a visual assessment of all payment processing equipment. While these devices can be concealed to look like a piece of the machine, an attentive employee should be able to easily identify extraneous equipment.
4. Santa shouldn’t be the only one checking a list.
Unfortunately, even with the best payment security, a breach can still happen. Therefore, be meticulous in the credit card sales records you maintain. If an issue does arise, it is essential you have a means of retracing your steps in an effort to determine where the breach occurred as well as to prevent any further theft.
Hopefully, following this advice will help ensure you and yours are curled up by the fire with presents from your loved ones this holiday season, while your would-be hackers are lamenting their only gift — an orange jumpsuit.
Rob Bertke is senior vice president of research & development at Sage Payment Solutions, based in McLean, Va., a division of Sage North America. He has been in the commercial payments and business-to-business electronic commerce industry for 15 years.
Follow On Small Business on Twitter.