Security Issues

Protect your customers from credit-card fraud by making sure your Web server is secure and information is encrypted.
2 min read
Opinions expressed by Entrepreneur contributors are their own.

Not surprisingly, because credit cards are now the e-payment method of choice for online shoppers, credit-card fraud has become extremely commonplace. In a typical situation, a scammer gets credit-card numbers from stolen or used credit-card slips and then makes purchases online. When the credit-card owner finally disputes the transaction, the bank requires the merchant to provide a proof of purchase with a signature. If the merchant can't produce a signature, the bank awards a charge-back, crediting the consumer's account and debiting the merchant's account.

Some customers who seem to be legitimate might actually be scammers who purchase products with credit cards and then dispute the charges, hoping to get their money back and keep the merchandise. In these kinds of cases, the merchant loses both merchandise and money, and may even incur a charge-back fee.

Card issuers may bar Web merchants from accepting credit cards if those merchants demonstrate a high incidence of fraud or charge-back rates of more than 1 percent, and some banks flat-out refuse to work with Internet companies because of the risk of charge-backs. "Internet transactions tend to be [riskier] than traditional transactions, where you can check a physical credit card," says Ron Cook, a partner with Cook & Koch, a Tampa, Florida, law firm that works with technology and financial-services clients.

What can you do? Audri G. Lanford, an Internet scams expert and co-editor of the newsletter Internet ScamBusters, says you can beat credit-card fraud by using a merchant provider that performs address verifications, checking each customer's information against what a credit-card processor has on file.

Lanford adds that the most important security mechanism is a secure Web server. A secure server offers encryption-the conversion of data into unreadable code-which allows customers to enter credit-card data safely. If you're using a hosting company, be sure it offers 128-bit encryption, suggests Lanford. Another suggestion: Make sure your hosting company has the proper firewalls in place-these security systems make it virtually impossible for hackers to sneak in and disrupt your server.

Once you've finished, be sure to tell users that your site is a secure one, and explain that all customer info is encrypted.

is a technology writer in Brooklyn, New York, who has covered technology for Mobile Computing & Communications and Sales & Marketing Management magazines.

More from Entrepreneur

Get heaping discounts to books you love delivered straight to your inbox. We’ll feature a different book each week and share exclusive deals you won’t find anywhere else.
Jumpstart Your Business. Entrepreneur Insider is your all-access pass to the skills, experts, and network you need to get your business off the ground—or take it to the next level.
Entrepreneur Store scours the web for the newest software, gadgets & web services. Explore our giveaways, bundles, "Pay What You Want" deals & more.

Latest on Entrepreneur

Entrepreneur Media, Inc. values your privacy. In order to understand how people use our site generally, and to create more valuable experiences for you, we may collect data about your use of this site (both directly and through our partners). By continuing to use this site, you are agreeing to the use of that data. For more information on our data policies, please visit our Privacy Policy.