Today, with the rise in online shopping and a greater number of people taking their money to purchase goods or services from an unknown source, there’s been a corresponding increase in the amount of fraud. There have also been more incidents where hackers have broken into company databases to steal sensitive information. For your business to compete on a level playing field with other companies that offer secure transaction systems, you need one too. Otherwise, your customers will move on to another company with this capability and may never return.
In addition, if you do not have some form of secure transaction system set up for your website or mobile app, hackers could gain access to your customers’ personally identifiable information (PII). This could leave your company liable under several federal and international laws.
What is PII?
PII is any information that can be used to uniquely identify an individual. This can include anything from a name and address to a Social Security number, driver’s license number, or credit card number.
The best way to protect your customers is to provide them with an easy-to-use system for making secure financial transactions. This will ensure that their data is protected both in transit and at rest.
Consequences of a PII Breach
Legal
If you do not have a secure system in place, hackers can hijack your customers’ accounts and steal their PII. This means that they could use this information to commit other types of fraud, such as bank or credit card fraud, against the account holder. If the breach involves more than 500 records, it must be reported to the Federal Trade Commission (FTC) and the individual state’s attorneys general. In addition, several states have their own privacy laws regulating how PII should be handled, including notification to consumers in the event of a breach.
In some cases, where your company has been negligent in protecting its customers’ data, it could even be sued. For example, in 2016, several entities, including the federal and state governments, sued the credit bureau Experian for $5 million after a hacker was able to gain access to the personal information of more than 150 million people.
The European Union has even enacted the General Data Protection Regulation (GDPR), which came into effect on May 25, 2018. This new law dramatically increases the penalties levied against companies for mishandling or improperly securing PII. Under GDPR, companies can be fined up to 4% of their global annual revenue or €20 million, whichever is greater.
Your Company Gets a Bad Reputation
Another potential consequence of a data breach is that your company can develop a bad reputation. If your customers are not confident that their personal information is safe when they do business with you, they may take their business elsewhere. This can be extremely damaging to your business if you rely on word-of-mouth advertising from satisfied customers or referrals. This could have a serious impact on your bottom line.
How Your Company Can Protect Itself
There are many ways for companies to protect themselves against data theft and loss of customer trust.
Segregation of Duties Software
The first step is to reduce the number of people who have access to sensitive data. You can do this by using segregation of duties software.
For example, if one person has been given the ability to authorize a purchase order in a company’s ERP system, they cannot also approve payment for that invoice in the Accounts Payable module. Limiting the number of people who have access to this data makes it more difficult for hackers to gain access.
Two-Factor Authentication
Another way to protect your customers is by using two-factor authentication. This requires users to input a code sent to their phone or email after logging in. This code is only valid for a certain amount of time, so even if a hacker manages to steal your customers’ login information, they will not be able to use it without the two-factor authentication code.
Encryption
Another way to protect your customers’ data is by using encryption. This scrambles the data so that it is not readable to anyone without the key.
Final Thoughts
As more and more people are shopping online, online scams continue to grow. While many stores already offer shoppers their own secure payment options, it is worth mentioning that these transactions are often easier to process than credit card purchases. The best way to keep their customers safe is to provide an easy-to-use, secure system for financial transactions.