Posts Tagged ‘https’
The Importance of Security in Online PaymentsFriday, August 13th, 2010
As more and more fraud occurs in e-commerce, it is ever more important to provide secure payments for your customers. There are some things you can add to your website that will provide extra layers of security for your customers. You can use “https protocol” and “3-D secure protocol”. Also the Payment Card Industry Security Standards Council (PCI SSC) has implemented strict standards (PCI Data Security Standard) for merchants that accept credit cards online. In the next sections, all of these types of security options will be explained.
Normally the website operates under a normal hypertext transfer protocol (http), but with https (hypertext transfer protocol secure), sensitive data that passes through the seemingly insecure network (http) will be protected by an added security socket layer (SSL). HTTPS has been approved by many certificate authorities, so it is a widely accepted security layer for online payments.
3-D Secure Protocol
3-D secure protocol is a form of virtual payer identification. The basic concept behind it is verifying 3 domains. Thus, the name 3-D. The first domain name to be verified is the acquirer domain. The acquirer domain consists of the merchant and bank to which money is being given to. The second is the issuer domain. This is the bank that issued the card being used. The third and final domain to be verified is the interoperability domain. This is the infrastructure provided by the credit card scheme to support the 3-D secure protocol. This is possibly one of the safest ways to accept payments on your website.
PCI Data Security Standard
Merchants of all sizes have to abide by the PCI DSS’s rules in order to be able to accept credit cards. The PCI Data Security Standard was implemented in 2004 and has been updated several times since then to keep up with technological advances. Companies like North American Bancard specifically say that they offer internet merchant accounts that provide PCI compliant payment experiences. So it is not all on the merchant, since merchant account providers are there to consult and assist merchants with abiding by these rules. The main objectives for the standard is are to create a universal environment where payments are safe and to be able to identify cyber criminals more easily because of these standards.
As more and more people buy online, cyber crime will increase unless merchants become educated about securing data on their websites.