Enter Details

Comment on stories, receive email newsletters & alerts.

This is your permanent identity for Business Insider Australia
Your email must be valid for account activation
Minimum of 8 standard keyboard characters


Email newsletters but will contain a brief summary of our top stories and news alerts.

Forgotten Password

Enter Details

Back to log in

The security questions that every company should be asking

Photo: Dan Kitwood/Getty Images

With more businesses operating online than ever before, security has moved from physical to virtual. Ensuring the safety of the details of your business and above all else, your customers, is an absolute priority.

Here are the questions you should ask yourself to make sure everything is locked down.

Can I answer the security concerns of customers?

Trust is the number one thing customers look for when purchasing online. If they feel more secure elsewhere, that is where they will shop — regardless of product offering or price. Knowing that you have all bases covered brings not only peace of mind for yourself, but your customers.

This is critical for fast growing companies. For example,when Uber switched to using Braintree for payments, they gained secure encryption built right into the Uber app. With Braintree’s platform, the customer who enters credit card information into the app is the last person to see it. Sensitive information, such as credit card details, are never stored on Uber servers. Instead, Braintree stores the data with some of the most advanced encryption methods available. This is definitely something that customers love to hear.

Also utilising Braintree’s security, is hi-tech loyalty program LevelUp, where users link their credit/debit card for payment and LevelUp issues a unique QR code to the user. The user displays this QR code on their mobile device using LevelUp’s app.

“We wanted to make sure that none of the three parties engaged in the payment-the customer, merchant and LevelUp-actually touched the credit/debit card information,” said Seth Priebatsch, CEO of LevelUp. “We believed that this would create the most secure mobile payment experience around.”

Don’t forget the importance of making it easy for your customers to contact you with any concerns, and ensure you have trained staff on hand to answer any questions.

How reliable is my security?

Choosing a reputable brand is paramount. Look for the quality of services offered, the depth of information provided and when looking at payment platforms, integration with all common payment options — including PayPal.

The best programs will offer off-site data backup with a third party (if this third party is undisclosed, even better) and disaster recovery services, so you’ll never lose your information.

Braintree offers Vault, which securely stores customer information, including payment methods, using tokenisation. This means that customer’s credit card details will converted into a “token”. A merchant never sees the card number, and if hacked, the thief can’t use the tokens.

This token adds an extra layer of security, and can be used to create transactions without having to worry about PCI compliance.

Tokenisation also takes place when using Apple Pay, encrypting any credit or debit cards added to the passbook app on supported Apple devices.

What about fraud protection?

The Australian Payments Clearing Association (APCA) revealed total payments fraud in 2014 equalled $393,144,971 which amounts to 0.02 percent of overall card & cheque payments. Card fraud rates over since 2014 have grown from 46.6 to 58.8 cents for every $1000 spent. The UK’s card fraud rate is now 75 pence in every 1000 pounds spent.

This increase is due to the rise in card-not-present fraud (not face-to-face) which on Australian cards has risen 42 per cent to $299.5 million, with two thirds of this ($200.6 million) occurring overseas, according to APCA.

It’s clear that when it comes to your payments platform, a fraud protection strategy is one of the most important elements.

It can also be one of the most complicated to be implemented. Securing developer resources can be a challenge, with a six week to six-month integration process as standard. This can be devastating to a start-up, with 68 percent of merchants not realising they have been hit by fraud until they have suffered a significant loss.

Braintree is a great solution with a quick start up time, eliminating the obstacles for merchants by offering an integrated fraud prevention solution in conjunction with fraud protection specialists, Kount. Kount analyses hundreds of relevant variables and activity across the globe in real-time, providing the most accurate fraud protection available.

It is all too easy to let something important slip through the gaps, resulting in an insecure system and unhappy customers. By ensuring you have ample security information on hand, tried and tested security measures and a focus on fraud protection, you can avoid the major pitfalls encountered by those conducting business online.

Follow Business Insider Australia on Facebook, Twitter, and LinkedIn