At last week’s Abila User and Developer Conference (AUDC 2016), Senior Product Manager Sunil Dixit from Abila Product Partner, Vantiv, gave attendees a lot to think about in his session, “Shock to the System: The New Normal for eCommerce After Data Breaches.”
Sunil pointed out that ongoing high-profile data breaches continue to make headlines, and their size and frequency continue to grow. He added that in the face of such large-scale data theft, associations and nonprofits that accept credit card payments must fight data theft to maintain the trust of their members and donors.
Sunil offered three approaches organizations can take to protect their data from breaches, and recommended that anyone evaluating a payment processor ask how the vendor handles these approaches:
- Protect your donor/member data using tokenization – Tokenization allows your organization to substitute a credit card number stored in your system with a string of numbers. The translated credit card number, or “token,” is useless to anyone trying to steal it, making it a safer means to accept and process credit card payments. And a bonus: Tokenization can reduce the scope of your systems that fall under Payment Card Industry Security Standard (PCI DDS) compliance requirements, and thereby lower your organization’s annual PCI compliance obligations and costs.
- Provide convenience and service continuity through account updating – To help combat data breaches, credit card providers are issuing new account numbers to credit card holders at an increasing rate. Look for an account updating solution that retrieves updates from the credit card issuer for the credit card numbers in your system. Ensuring credit card numbers are current is especially important for organizations that manage subscriptions or recurring payments, like many nonprofits and member-based organizations.
- Defend your donors’ and members’ payments through fraud detection – Fraudsters are both organized and crafty, so defending your organization against a variety of fraudster attack methods is critical. To fight data theft, be sure to ask your payment vendor how they handle situations when the physical card is not present, check that CVV numbers match the credit card numbers, and confirm IP address/location.
For more on Vantiv and Abila’s Partner Ecosystem, visit the Abila Marketplace.