Skip to content
AtlanticBT Monogram Atlanticbt.com
Menu
ecommerce payment processing
August 23, 2018

3 Payment Processing Security Measures You Need to Take Now

Attacks on our sensitive business and personal information are becoming increasingly common. It seems as though everything is now available online or managed through an app. It is important we do not become complacent, no matter how often these major data breaches happen. We should all be taking every precaution to secure data. This is especially true if our business relies on eCommerce payment processing.

eCommerce security is complex. Security standards should undergo testing on a regular basis. On top of that, you should also be monitoring user activity and customer behavior. That said, your website could be the online equivalent of Fort Knox. All your vulnerability scans consistently reporting green. But, payment processing best practices for credit card validation (CCV) must be active. Without them, your company is at risk of supporting credit card fraud. This could halt your revenue for months and months. At the same time, you’re trying to recover your losses with credit card companies. It’s a terrifying beast to manage. 

Paying attention? Let me explain a few of these payment processing best practices you should consider.

1. Credit Card Validation

You might think this is a common sense approach, but validation means more than checking the number, expiration date, and CVV of potential customers. In addition to those 3 aspects of validation, incorporating Address Verification System (AVS) is another method of credit card validation. Configuring these validation fields can change based on which payment gateway (PayPal, Authorize.net, Stripe, etc.) and eCommerce platform (Magento, WooCommerce, etc.) you use. Despite these differences, it should be easy to incorporate these validation fields into your payment processing.

2. Behavior Monitoring

For a crook, credit card testing isn’t a one shot and done approach—it takes multiple attempts to verify a card number. To spot these suspicious users, look at the transaction and visitor history for your site. Pay close attention to these red flags:

  • The same IP address has multiple failed transactions.
  • Again, the same IP address has multiple purchases from different credit card numbers.
  • If you see a spike in sales for low price items.

This last point is indicative of someone testing a card number with a small price item and potentially using that card number for big ticket items elsewhere or increasing the value of that number for other hackers to purchase and use. If you notice this kind of suspicious activity, you would do well to flag that credit card and not process any transactions with it.

3. Guest Checkout

If you want to incorporate this feature into your online business, you should weigh the pros and cons. The pros can mostly be summed up as simplifying the purchasing process to drive more sales. This is great for customers who want to buy products without going through the steps of creating an account.

Cons include significant security considerations. A crook would be able to use guest checkout to test a stolen credit card (purchasing small ticket items to verify a credit card is valid) with minimal amount of information to tie them to that transaction. If you decide to enable guest checkout, in addition to validating the card number and expiration date, be sure to validate the name and address as well.

Payment Processing Is Only One Part of Security

eCommerce security is more than just good business practice—it’s also vital to protecting the customers you serve. The basic steps laid out in this post are only part of what you should consider when it comes to ensuring your eCommerce site is secure.

If you’d like more information regarding eCommerce security, contact our security team. And if you’re thinking of starting a new eCommerce site or modifying an existing eCommerce site, we have the experts you need to guide you through that adventure, as well. 

The Atlantic BT Manifesto

The Ultimate Guide To Planning A Complex Web Project

Partner With Us

Ready for modern web technology and a sharp, user-friendly design? We want to give you exactly that. Contact us to get started.

Contact

Insights

Atlantic BT's Insights

We’re sharing the latest concepts in tech, design, and software development. Learn more about our findings.

Questions & Answers

How do I build a WordPress eCommerce website?
There are two strategies to build eCommerce into your existing Wordpress site. First, you need to figure out if you need a complete eCommerce platform (ie. you need to sell many products, complex products, integration into other systems, etc.). The reason this matters is there are many eCommerce plugins for Wordpress with limited functionalities.
Learn More
What is Magento eCommerce?
Magento is an increasingly popular eCommerce platform. It is written in PHP on the ZEND framework and is distributed under the Open Source Initiative.
Learn More
How do I find out what eCommerce platform a site is using?
There are a couple different ways to determine this-- if you are technically savvy you can right click on an e-commerce page (either catalog, checkout page, etc) and look at the source code.
Learn More
How do I start an eCommerce business?
The most important thing to consider is your competitive advantage over others that may compete for the same type of eCommerce store. Low barriers to entry is both a pro and con to eCommerce.
Learn More
What is an eCommerce platform?
An eCommerce platform is software that online businesses use to build functions needed to conduct business. The platform may be as simple as a catalog and shopping cart, but traditionally "platform" refers to a more robust set of tools and services.
Learn More
What is the difference between eCommerce and eBusiness?
Because people like to define these terms to suit their purposes, there are many different definitions of eBusiness and eCommerce. We define eBusiness as completing primary business functions online.
Learn More