As recent news stories have illustrated, a data breach can not only harm a retailer financially, but also damage their reputation and impact consumers’ trust. With the growth of e-commerce and mobile payment options comes additional security risks and challenges. Retailers need to proactively explore and implement measures to protect against payment security risks and reduce the impact that a data breach can have on their businesses.
Here are three reasons retailers need to take a greater stance and protect their business against data breaches:
1. Financial impact of breaches is growing: Malicious attacks on customer data have grown in complexity and sophistication, making even large companies with advanced security measures vulnerable to cyber attacks. In fact, in 2012, the average financial loss from a data breach for a large U.S. retailer was $5.4 million, including the costs to investigate and respond to each issue. While implementing new security measures and payment technology can be costly to update and maintain, taking steps to be more secure can prevent a significant financial and reputational burden in the future.
2. Multiple data uses weaken security: Big data can be a valuable asset for many retailers, however, companies face the challenge of getting the most out of consumer data while protecting sensitive information. Consumer data is collected not only to process a transaction, but also to help retailers better understand consumer behavior and anticipate their needs. As a result, consumer data is spread across various platforms, databases and applications. While analyzing and applying this data can help retailers provide a better shopping experience, storing the data on multiple platforms provides more entry points and opportunities for criminals to gain unauthorized access to sensitive information.
3. Innovation carries risk: Retailers are eager to be at the forefront of implementing the newest programs and technologies, but these new innovations may also pose risks to data. The task of protecting consumer data can seem daunting, but just as data breaches are rising in sophistication, so are methods to reduce risk and deter future data compromises. Companies work with merchants to provide innovative, secure solutions for accepting payments to help them stay ahead of changes in the way consumers pay.
Many credit card processers and card brands are committed to implementing tokenization as a way to prevent future costly data breaches. The use of tokenization can enable many systems that handle customer data to be eliminated from the scope of Payment Card Industry Data Security Standards (PCI-DSS) compliance, saving merchants’ time, effort and scarce resources. However, the chosen tokenization approach must be compatible with a merchant's existing payment applications, business systems and processes, enabling the data to be accessible and beneficial to the business.
Additionally, merchants can employ advanced fraud detection technologies on their websites. These technologies can determine not only the location of the purchase but also the device identification and if it's been used fraudulently in the past.
Recent data breaches have put both large and small retailers on high alert. At the same time, innovation also brings new risks to data. Retailers have many options to protect both themselves and consumers as technology develops and transforms payment practices for years to come.
Mike Passilla is the CEO of Chase Merchant Services, the global payment processing, merchant acquiring and offers business of JPMorgan Chase & Co.
- Companies:
- Chase Merchant Services