One of the biggest hurdles for many smaller merchants in the wake of the EMV liability shift seen nearly two years ago has been keeping up with security requirements on multiple fronts. Even though it may be difficult to maintain a strong security posture in the face of changing requirements doesn't mean merchants should eschew those efforts. On the contrary, that only makes it more important to maintain proper levels of security that conform to industry standards.
Among the primary concerns for merchants - regardless of their size - should be strict adherence to PCI standards that help keep the entire payments ecosystem safe, according to the PCI Security Standards Council. This should start with the removal of sensitive information about payment authentication from POS systems, and the limiting of any such storage going forward. Furthermore, companies need to do more to ensure their systems are less likely to suffer a data breach, and put together detailed plans for what they will do when or if that happens.
As an ongoing basis, companies must make sure they are able to monitor and limit who has access to their POS system(s), keep customer data safe, and keep up with any future changes to security standards.
Brick-and-Mortar Merchants Are Experiencing Less Fraudulent Activity
Merchants who may be skeptical that such security efforts will actually pay off for them need only look at how much the EMV shift has been a positive for brick-and-mortar retailers and restaurants, according to BRP. Since the liability shift, online credit card fraud has increased 137 percent, and has likewise fallen by similar amounts for real-world merchants. Regardless, this highlights both the effectiveness of EMV in stamping out card-present fraud and how important it is to keep credit card data stored on POS systems safe.
It is critical for merchants to understand the importance of having a plan set in place, "While EMV has received most of the attention in the last few years, there are several other critical security strategies that play a much greater role in protecting sensitive payment card and personal information," said Perry Kramer, vice president and practice lead at BRP. "It is imperative that retailers have the right strategies and controls in place to thwart the ever-increasing advances made by fraudsters." The costs to prevent a data breach are lower than the costs that merchants will endure if they have to deal with cyber criminality.
Merchants Must Implement Strong Security Plans
It's also important for merchants to make sure they're keeping up with the latest developments in payment security, simply due to how much things are shifting these days, and how rapidly. Small businesses may be particularly vulnerable to these issues because they often don't have the kind of budget that helps ensure the strongest possible defenses. It is also difficult for small merchants to keep up with the latest security trends and technology when they are juggling the everyday tasks of running a business.
Figuring out which POS security solutions are necessary and how they interact with one another is the first step towards a strong plan, “Centralizing those tools would increase their fraud detection rates exponentially and, at the same time, would reduce customer friction and merchant expense to maintain the system.” More solutions are not necessarily the best move if they are not all working in unison.
In a world where cash is beginning to lose consumer’s preference, merchants need to strive to meet consumer demands by providing safe ways to pay for services and goods. Nearly half of consumers would prefer to utilize digital payment apps, showing that they have a desire for secure and instant forms of payment. With the normalization of fraud in recent years, it is important for merchants to let customers know they are keeping their data safe. Keeping customer data secure is paramount to a business.