2014 is poised to be the most important year to date for mobile security. For many consumers, however, mobile security is already among the highest priorities when engaging with apps and services that require the input and potential storage of sensitive personal information.
According to a recent report from the U.S. Federal Reserve Bank of Boston, the unfamiliarity and complexity of the mobile device and associated technologies create security concerns for consumers who want to be confident that their personally identifiable information and actionable financial information (e.g., account numbers, PINs, security codes, and passwords) are protected in storage and while being used to process a mobile payment transaction, whether that storage is on the mobile device or in the cloud.
“Consumers aren’t the only ones who need to be mindful of mobile security,” independent business analyst Mike Randazzo says. “The business owners on the other side of the mobile transaction need to be just as cautious.”
With online and mobile shopping having a banner year in 2013, retailers are rapidly adopting new strategies – and technologies – to make shopping easier for consumers. But with this effort comes the need for retailers to choose carefully the software, technology, and associated vendors that will make this transition to mobile as seamless and secure as possible.
According to Randazzo and other experts in the field, there are important steps retailers must take to ensure mobile payments made via smartphone credit card processors are as safe and secure as possible in 2014, which is expected to be a turning point year for the growth of mobile payments.
Ensure Your PCI Compliance is Up to Date
Even though security measures are already built into mobile credit card readers, there are extra precautions retailers can take to ensure cardholder data is protected. In fact, retailers that use merchant accounts for processing credit card transactions are contractually obligated to safeguard customers’ credit card information. Every business dealing with credit card processing must meet Payment Card Industry (PCI) compliance standards in order to continue accepting cards from their customers.
PCI standards are not laws, but rules that retailers must follow. If they do not retailers may face fines from PCI or lose the ability to accept cards, according to CreditCardProcessing.net (CCP.net), which provides how-to guides and tips about credit card processing for small businesses. Retailers with merchant accounts can review CCP.net’s checklist to ensure they are PCI compliant in order to accept credit cards from customers as payments.
Be Sure to Select Only Encrypted Card Readers
Look for a partner that supports the highest form of encryption technology, preferably end-to-end. All top-of-the-line mobile credit card readers today will have some form of mobile encryption. The top two, PayAnywhere and Square have slightly different security measures in place. PayAnywhere, North American Bancard’s mobile POS solution is Payment Card Industry (PCI) Data Security Standard (DSS) compliant and has end-to-end encryption. While industry competitor Square Inc. also follows PCI and DSS standards the company offers reader encryption mainly for stored and public transmission of data.
With end-to-end encryption, personal data processed on a credit card reader is essentially wrapped in protective security layers until it reaches the processor. Much like shipped products are bubble wrapped so as not to be broken until they reach their destination, end-to-end encryption certifies credit card data is protected so it cannot be accessed until it reaches the processor destination. This encryption ensures personal data safe from a swiped credit card remains safe and secure in the transaction process.
Sharing Isn’t Always Caring
When retailers use credit card processing, it’s important to remember the android or iPhone suddenly becomes much more valuable. Retailers, quite frankly, need to ensure they keep their phone to themselves. Phones processing credit cards should be used by the only by the retailer and dependable employees. Since customers have now come to trust digital computer registers are secure, retailers can begin to instill the same confidence in mobile credit card processing by taking reasonable steps to ensure their card reader is used responsibly for business, as opposed to their child’s YouTube toy.
Work Those Review Sites to Ease Customer Worries
It’s a known fact that when in doubt, consumers tend to look online for reviews. Some studies now suggest customers trust reviews as much if not more than friend recommendations. This provides a unique opportunity for retailers to diminish holiday shopper fears once and for all this year.
Merchant Account Reviews, a Web site that reviews merchant account services and equipment, acknowledges that customers might have concerns about giving out credit card information to be entered into iPhone credit card readers. Retailers can ease customer worries by letting them know that none of their credit information is actually stored on the iPhone via review sites. Explaining that all transactions are transmitted directly to a secure payment gateway will put the customer at ease knowing that the transaction is secure.
Then there’s your general review site such as Yelp.com or Google Places where customers self publish reviews. Use these spaces as an opportunity to address the fact that you are using a credit card processor and why this makes you the best retailer around. Whether it’s a speedy checkout process or a tech savvy staff, retailers can use these review sites as a place to not only emphasize the convenience and safety of using mobile credit card processors, but also to attract customers into their stores and brand themselves as the hippest new retailer in town.
“It’s an exciting and promising time for the mobile payments space,” Randazzo says. “As long as consumers and retailers remain educated on best practices and optimal mobile security efforts, this industry is going to see unprecedented growth next ear and beyond.”