Security Issues

Protect your customers from credit-card fraud by making sure your Web server is secure and information is encrypted.
2 min read
Opinions expressed by Entrepreneur contributors are their own.

Not surprisingly, because credit cards are now the e-payment method of choice for online shoppers, credit-card fraud has become extremely commonplace. In a typical situation, a scammer gets credit-card numbers from stolen or used credit-card slips and then makes purchases online. When the credit-card owner finally disputes the transaction, the bank requires the merchant to provide a proof of purchase with a signature. If the merchant can't produce a signature, the bank awards a charge-back, crediting the consumer's account and debiting the merchant's account.

Some customers who seem to be legitimate might actually be scammers who purchase products with credit cards and then dispute the charges, hoping to get their money back and keep the merchandise. In these kinds of cases, the merchant loses both merchandise and money, and may even incur a charge-back fee.

Card issuers may bar Web merchants from accepting credit cards if those merchants demonstrate a high incidence of fraud or charge-back rates of more than 1 percent, and some banks flat-out refuse to work with Internet companies because of the risk of charge-backs. "Internet transactions tend to be [riskier] than traditional transactions, where you can check a physical credit card," says Ron Cook, a partner with Cook & Koch, a Tampa, Florida, law firm that works with technology and financial-services clients.

What can you do? Audri G. Lanford, an Internet scams expert and co-editor of the newsletter Internet ScamBusters, says you can beat credit-card fraud by using a merchant provider that performs address verifications, checking each customer's information against what a credit-card processor has on file.

Lanford adds that the most important security mechanism is a secure Web server. A secure server offers encryption-the conversion of data into unreadable code-which allows customers to enter credit-card data safely. If you're using a hosting company, be sure it offers 128-bit encryption, suggests Lanford. Another suggestion: Make sure your hosting company has the proper firewalls in place-these security systems make it virtually impossible for hackers to sneak in and disrupt your server.

Once you've finished, be sure to tell users that your site is a secure one, and explain that all customer info is encrypted.


is a technology writer in Brooklyn, New York, who has covered technology for Mobile Computing & Communications and Sales & Marketing Management magazines.

More from Entrepreneur

Our Franchise Advisors will guide you through the entire franchising process, for FREE!
  1. Book a one-on-one session with a Franchise Advisor
  2. Take a survey about your needs & goals
  3. Find your ideal franchise
  4. Learn about that franchise
  5. Meet the franchisor
  6. Receive the best business resources
Discover the franchise that’s right for you by answering some questions about
  • Which industry you’re interested in
  • Why you want to buy a franchise
  • What your financial needs are
  • Where you’re located
  • And more
Make sure you’re covered for physical injuries or property damage that occur at work by
  • Providing us with basic information about your business
  • Verifying details about your business with one of our specialists
  • Speaking with an agent who is specifically suited to insure your business

Latest on Entrepreneur