Cyber-attack – the event and its consequences are not new to online merchants. Most of those who promise secured transactions to customers have had an experience of customers complaining about faulty transactions and other security breaches. Magento, Joomla and even any ecommerce platform including CMS, plugin and extensions are susceptible to such
I am sure you have read a good amount of articles on how to protect your ecommerce site against hacking and fraud and how hackers do it all. So we will not delve deeper into it again, but instead we’ll talk about some quick and easy precautionary measures that don’t require much effort from both customers and the online store owner. Sounds good!
The objective is not to bog you down with hefty guidelines and highly technical adjustments, but simplifying your safety measures and store maintenance plan that you can follow at your convenience. Knowing about various safe and secure payment options also help ecommerce website owners follow the right steps from development stage itself. As we all know ‘Prevention is better than cure’.
Easy Tips for Online Shoppers
- Avoid entering payment details into the ecommerce websites that have their own payment page. Instead, look for the stores that redirect shoppers to the highly secured payment gateway supported by PayPal, Bank or other trusted sources.
- Use Credit cards that need you to pass through additional security layers of verification such as Visa 3-D Secure, MasterCard Secure Code
- Use the help of the Google Safe Browsing Diagnostic tool to know if the website you are into is secure for online transactions.
Easy Tips for Storeowners
#1. Separate the payment gateway system from your website
Don’t keep the payment gateway system within your website. 3rd party services like PayPal and Google Wallet are reliable ones for outsourcing payments. Thus, even if the hackers are able to compromise your site in some means, they still won’t be able to steal customers’ transactional information. Talk to your online store builder today and know all the payment modules that you can apply.
#2. Strong login credentials
Use strong login credentials for every access page in the backend. If you know how to update and maintain the website firewall make it an exercise once a week, or assign a developer who will do it for you as well as monitor your store for other security parameters.
#3. Don’t host multiple sites
Avoid hosting multiple sites with your main ecommerce website. This reduces the chances of your store getting vulnerable to external threats. You can host an auction site, a blog or a forum separately. The additional hosting fees may cost you some, but the cost of running these secondary sites are negligible compared to the loss made by extruders.
#4. Delete the customer records
Use the help of the website admin or the developer in charge to delete thousands of customer records from your site from time to time. There is no good reason to store credit card numbers, card expiration dates, and CVV codes in your database and welcome to easy security breaches. You can keep a bare minimum data for charge-backs and refunds, but it is always advisable not to store sensitive data after user authentication, even if it is in encrypted form. You development guy will know how to clean old data from your site and stop storing new data.
#5. Use a Firewall
Install a web application Firewall. It can safeguard your server from unwanted intrusions and known exploits.
#6. Take a full back up regularly
Ensure you take a full backup of your site at least twice a month. Thus, in the event of any unfortunate scenario, you will be better equipped with a quick reinstall. Prepare the data backup and storage plan with an expert.
#7. Tighten employee access
Keep a close eye on your employees who have administrative rights to access your mobile site. You may prevent some of the accesses if you want a tight security. Taking that extra caution gives you better control over the site.
#8. Check for fraud
Use tools and applications that help you identify fraudulent transactions automatically. Volusion Fraud Score System and net Fraud Detection suite are the two solutions that tell you when, where and how fraud transactions took place.
Volusion assigns numbers ranging from 0 to 300 with respect to certain parameters like customer history, geographic region by IP and address, proxy detection, email login and other details. The higher the score you see out of 300, the safer the transaction is. With Authorize.net, you can set certain geographic locations from where you want to accept transactions. You may also accept or reject cards by using various transaction filters. Both these services cost you a monthly fee, but they make your life easier.
#9. Educate your staff
Understanding some of the techniques fraudsters generally follow, and applying a common sense in verifying transactional details can prevent such fraudulent actions to a large extent. Some of the commonest symptoms of such scams that you can train your staff about are:
- Mismatch of customer’s name, address and phone number in the billing and shipping details.
- Email addresses that can’t be traced back to their real domains.
- Order in large quantities.
- Order delivery via the next day air.
Any suspicious ordering behavior and delivery mode that don’t appear to be normal should be identified as soon as possible to avoid further problems.
#10. Call customers for verification
This conventional method of calling and verifying customer details still works. Sometimes, in spite of having all the armors to prevent hacking, things don’t fall in place. Your support person can pick up the phone and request additional information such as the full credit card number, contact details of the issuing bank on credit card or driver license number. This will not make your customers uncomfortable, but happy since you are trying to authenticate their purchase from your store.
Do you have any experience of counterfeiting fraudulent activities with your online store? If you have, please leave a comment here and we will share them with people who are yet to overcome similar issues.
Tweak Your Biz is a thought leader global publication and online business community. Today, it is part of the Small Biz Trends stable of websites and receives over 300,000 unique views per month. Would you like to write for us?
An outstanding title can increase tweets, Facebook Likes, and visitor traffic by 50% or more. Generate great titles for your articles and blog posts with the Tweak Your Biz Title Generator.