Cash is rapidly falling out of style as a form of payment in business transactions as people continue to ramp up their usage of digital currencies, funds transfer services, and reward points. The same security that financial services institutions have erected over back accounts, however, is not always present in electronic payment systems. Consider, for example, the issues that its users have had with the popular payment site, Venmo.
Venmo allows users to reverse payments. A purchaser can use Venmo to pay for an item, take that item, and even a few days later reverse the payment, leaving the seller with nothing. This problem pales in comparison to the avenue that Venmo provides for hackers to access an individual’s bank accounts. Hackers have used stolen Venmo login information, for example, to withdraw money from bank accounts tied to the user’s Venmo ID. As services like Venmo expand more and more into business transactions, the businesses that rely on digital funds transfer services will be at an elevated cyberattack risk as hackers seek access to the information that those businesses maintain.
The good news is that businesses and consumers have an increasing number of technology security solutions that help them to keep digital payments and transactions safer and more secure. Those solutions include:
- Secure Sockets Layer (SSL) protocol that establishes an encrypted link between a web server and a browser; a website address that is preceded by “https” and not just “http” indicates that the uses this protocol.
- Payment Card Security Data Security Standards (PCI DDS) compliance that establishes a standard set of practices to secure information collected through merchant card transactions.
- Tokenization technology to authenticate customer identification and to reduce vulnerabilities in digital payment processing.
- 3-Domain (3D) Secure Payer Authentication that links the vendor company, the financial institution that is processing a digital payment, and a payment card issuer (currently only Visa and MasterCard) and assigns a unique password to each card that a purchaser must use every time he or she uses the card for a transaction.
- Address verification services that require purchasers to provide billing addresses when they pay for online purchases with a digital payment method.
Every small or medium sized business (SMB) that accepts or makes digital payments should consider adopting one or more of these security solutions to improve the safety of transactions and to minimize the risk that its digital payment environment will be an avenue that hackers can use to steal personal or financial information from the SMB’s customers. As good as these solutions are, however, they cannot guarantee 100-percent safety and security in every digital payment transaction.
Because perfect safety and security cannot be achieved, SMB’s need to adopt a complete cybersecurity policy that includes cyberinsurance to cover losses and liabilities from thefts and losses associated with digital currencies. Cyberinsurance can cover a business’s direct losses where it sells products to a consumer who uses fraudulent digital currency to pay for items ordered in a digital transaction. In this sense, cyberinsurance is analogous to insurance that might reimburse a business for theft losses.
Cyberinsurance can play an even larger role in keeping a business whole where hackers use digital currency transactions as a steppingstone to access an SMB’s network and to steal larger volumes of customer information. An SMB that loses hundreds or thousands of customer data records will face potentially devastating lawsuits for its failure to protect that information. Moreover, that failure can lead to a loss of customer confidence that can impact the SMB’s ability to do business after it recovers from a data breach. Cyberinsurance coverage will enable the SMB to respond to the attack more quickly and to give its customers assurances and protection against their own losses that might occur when hackers gain access to the customers’ personal and financial information.