Category Archives: Data Breach

ABT_OnlineData

Merchants are at Risk, Too! Here’s How to Keep your Data Safe Online

We always stress the importance of having secure payment processing solutions so that you can ensure a positive shopping experience for your customers. But don’t forget: You and your business are consumers, too! It’s important for you to be aware that other businesses’ online platforms might not be as secure as yours. When your data is put into the wrong hands, you could be in for a lot of trouble (i.e. identity theft, stolen credit card information, computer hacks, etc.)

The solution? Good habits help merchants safeguard their sensitive business data online. Below, we’ve put together some of the most effective ways to ensure your online data is safe:

1. Choose a Secure Password

Once upon a time it was acceptable to create a singular password for all online accounts. Your password could even be as simple as your business name! But those days are now far behind us. Today’s hackers are smart and the less secure (complex) your password, the easier it is for them to access your data. The best way to keep your data safe is to choose a unique password for each online account. Your passwords should include a mix of upper and lower case letters, numbers and special characters, if allowed. To make it easy, you can use a password generator, like this one by Norton. Keep in mind: High profile businesses should change their passwords several times a year, according to Credit.com.

ABT_OnlineData_Icon12. Keep Your Email from Getting Hacked

When your business email gets hacked, you can do some serious damage. You might not even know it was hacked until a client asks you why you sent that “super weird video.” Awkward! An email hack can happen to the best of us, but there are steps you can take to prevent it. First, take our advice and change that password! The more secure the better. While you’re on the settings page in your email, see if there’s an option to implement two-step authentication. This links your email account with your phone number, so anytime you (or a hacker!) logs into an “unrecognized” device, you’ll receive a code on your phone to enter on the device in question. Also remember to be smart when opening email, if a message looks iffy, just don’t click on it!

ABT_OnlineData_Icon23. Shop Safely Online

First things first when shopping online: Do not ever enter your credit card information on a website if it doesn’t have SSL encryption installed. How can you know if it’s secure? Take a look at the URL—instead of starting with “http://”, it should start with “https://”. Also look for a little lock icon in the URL box. A website with SSL encrypts sensitive information so that only the intended recipient can understand it. In general, go with your gut feeling when shopping online. If a website just doesn’t feel right, find another one that you trust!

ABT_OnlineData_Icon34. Use the Internet for Banking

Online banking is just so convenient, it’s no surprise that more than 51% of U.S. adults use it. To ensure that your online accounts are as secure as a bank vault, you’ll want to follow some of the tips above, like creating a strong password and enabling two-step verification. On top of that, you’ll want to be sure to always keep your computer software up-to-date and always log out when you’re done.

Today, using the internet to do business is simply part of doing business! Just be sure to use it smartly and you’ll be good to go!


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABT_Upgrade-POS

5 Signs It’s Time to Upgrade Your POS System

An outdated point-of-sale (POS) system may not only be holding your business back, but endangering your customers as well. Many retailers, however, are reluctant to upgrade their payment processing systems and terminals because of the resources (i.e. money, time) required to do so.

“Every two to three years a big change emerges in retailing. Every four years in-store processes change. But retailers only change their POS every seven to 10 years. POS has become a big problem retailers need to solve,” said Leo Suarez of Toshiba Global Commerce.

While it’s easy to simply stick with the familiar, failing to switch to new POS technology can have serious consequences such as slower transactions, lack of usability and lost profits. In addition, if your POS system is behind the times, it’s very likely that you are putting your customer’s data at risk.

No business owner wants to spend unnecessary time or money, so how do you know when you really need to upgrade your business’s POS system? Here are the top five signs that indicate it’s time for an update:

1. It’s Not EMV-Compliant

By now you’ve probably heard about the rapidly approaching EMV liability shift. If your business isn’t equipped EMV-compliant POS systems by October 1, you will be liable for out-of-pocket coverage of losses due to fraudulent transactions. It’s critical for your business to update its POS system before the liability shift to ensure that you’re safe from these new costly consequences.

ABT_Upgrade-POS_TILES_12. It’s Not Customer-Friendly

Today’s shoppers are very tech-savvy and many don’t need any guidance on how to use POS systems. But, when your terminals aren’t functioning properly or aren’t integrated with a user-friendly software program, your customers will get easily frustrated–and unhappy customers are bad for business.

3. It’s a Standalone System

If your business has a standalone POS system, it’s probably perpetually outdated. Since this type of POS requires time-consuming manual software and hardware upgrades, it is extremely easy for business owners to let the technology slide. And once the technology gets so far behind, the cost to upgrade increases exponentially. An integrated solution, on the other hand, allows for software updates to be pushed through automatically, without requiring new hardware or much effort on the business’s end.

ABT_Upgrade-POS_TILES_24. Its Quirks are Just Getting Out of Hand

Sick and tired of that coupon button not working? Fed up with your POS system’s tendency to shut of in the middle of a transaction? Save yourself the headache of dealing with these little “quirks” and invest in a new system–you’ll be amazed by how less stressed you feel, and how much time you’ll save!

5. It Doesn’t Align with Your Needs

Businesses are continually evolving, so your POS system should be flexible in order to meet your changing needs. Since your business will likely need to update your POS system due to the EMV liability shift, take this opportunity to pick out a system that will accommodate your needs several years down the road.

If your business is experiencing any of the above signs, it’s time for you to upgrade your POS system. Embrace the change! If you aren’t sure where to start, give us a call–we’re more than happy to help walk you through your POS system options and help you understand the updating process.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABT_Sustainability

Go Green! 5 Ways to Make Your Payment Processing Methods More Sustainable

On Wednesday, April 22, more than 192 countries across the globe will celebrate the 45th annual Earth Day, an event that promotes awareness and support of environmental protection.

As a business owner, you may have already taken steps to make your business more environmentally-friendly, like installing CFL or LED light bulbs, or setting up a recycling program, but did you know that your business could go even greener by extending sustainability to your payment processing?

In conjunction with Earth Day, we’ve got five helpful tips for how your business can make your payment processing methods more eco-friendly.

1. Switch to Digital Receipts

In the near future, printed receipts will be a thing of the past. In 2012, 35 percent of retailers offered digital receipts, and that percentage is expected to continue to grow with the advancement of digital and mobile payment solutions. Not only do paperless receipts help the environment, but they also save your business money and provide convenience for customers.

ABT_Sustainability_TILES_12. Protect Your Customers’ Data, Protect the Environment

Did you know that when your employees write down customers’ credit card numbers, you could be putting their data at risk? According to one study, out of the top 100 chain restaurants, 80% have at least one employee who writes down credit card numbers. Not only does this practice violate PCI guidelines and increase the chances of a data breach, but it’s also a waste of paper. Instead, employees should enter the data directly into your secure payment processing system. If you do end up with paper documents containing sensitive credit card information, be sure to shred and recycle them as soon as possible.

3. Integrate Tablets Into Your Business

By implementing cloud-based Tablet Solutions into your business, you can manage your business from anywhere, potentially minimizing extra trips to the office and reducing your gas usage. Additionally, with Tablet Solutions, you can avoid printing spreadsheets of financial summaries or inventory manifests.

ABT_Sustainability_TILES_24. If You Have to Print, Do it Smartly

Simply put, don’t print things that don’t need to be printed! According to Preton, the average employee prints six unnecessary pages per day. When you do need to print, however, use paper that has maximum recycled content to help reduce your business’s carbon footprint. If your printer has the capability to print double-sided, do so and instead of throwing away paper that’s been printed on one side, use it for scrap paper or for printing drafts.

5. Recycle responsibly

When your outdated processing equipment and terminals kick the bucket, don’t just throw them away—donate or sell them to an electronic recycling facility. These terminals contain data that can be breached if they’re not disposed of properly. Also, electronic equipment often contains materials that can become toxic when dumped in a landfill. These recycling facilities salvage the parts they can for resale and properly disassemble the others for safe disposal.

Implementing more environmentally sustainable practices in your business doesn’t have to happen all at once. Start by making small changes, and get your employees involved! A big part of making your business more eco-friendly has to do with creating a culture of sustainability, and sticking with it. And there’s no better time to start than Earth Day 2015!


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABT_Apple-Pay

Can Apple Pay Put Your Credit Card Security at Risk?

Recently, the payment industry has been a-buzz about reports that Apple Pay may be suffering from security weaknesses. While Apple Pay offers simplicity and speed for users, it is really worth the risks? Or is all the discussion of potential fraud just a bunch of media hype?

ABT_Apple-Pay_ICON1Apple Pay 101

Apple Pay is a mobile payment service that allows consumers to make credit and debit payments directly from their iPhone 6, 6 Plus and the highly anticipated Apple Watch.

Think of it like a digital, mobile wallet.

Apple pay allows users to import their credit card information from their iTunes account into the Passbook application on their device. Once set up, customers can simply wave their phone over a Near Field Communication (NFC) terminal, located in a wide range of retail stores across the country, to make a purchase.

How Secure is the Apple Pay System?

When Apple Pay launched in October 2014, it was touted as being an “easy, secure and private” mobile payment solution. And up until recently, all was going smoothly. So what’s the real deal with all of this talk about fraud and security risks?

Fact: Fraudulent charges are being made through Apple Pay. Some estimates report that upwards of 6% of transactions made via Apple Pay are fraudulent.

ABT_Apple-Pay_ICON2However, it’s important for consumers to understand that Apple Pay accounts are not being hacked. The data infrastructure on Apple’s part is up to standards. The problem lies within the provisioning; a process in which banks verify the legitimacy of cards when they’re uploaded to Apple Pay. What’s happening is that criminals are taking stolen credit card information, creating iTunes accounts, using those accounts to provision Apple Pay accounts and then making fraudulent purchases.

At this time, consumers do not need to be overly concerned about the security of their credit card data once it’s uploaded to Apple Pay, but that doesn’t mean they’re not at risk. Consumers should always take extreme caution when sharing their credit card information to ensure that it’s going into the right hands.

Be Prepared! What Merchants Need to Know

The payment landscape is changing rapidly and for merchants, the most critical thing to take away from this discussion is an understanding of the importance of payment processing security.

Even the most diligent merchants experience fraud, but there are a number of ways that businesses can make transactions more secure for their customers. As Apple Pay and other mobile payment technologies become more integrated into the payment industry, more security weaknesses will likely emerge, and alternate solutions will need to be implemented.

During this time of transition, it’s important for you, as a business owner, to stay informed on all of the latest payment technologies and trends, and be sure that you have systems in place to ensure maximum security for your customers’ payment information.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

 

 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTK-SM-Blog-paymentprocesses-hero

Could Your Payment Processing Methods Be Endangering Your Customers?

Adopting good business finance habits ensures an establishment’s security and longevity. When credit card processing is treated with acute attention, point-of-sale transactions are quick and simple.

However, many businesses engage in a slew of less-than-safe practices, capable of undermining the entire establishment’s security.

Both negligence and bad bookkeeping can severely harm a business—and poor payment processing can compromise its customers.

ABTK-small-blog-image-paymentprocessing-01Insecure Data Storage

Merchant services requires consistency and protective storage methods. Unfortunately, when PCI compliance isn’t regularly practiced, digital payments may reduce an organization’s security.

An Oswap.org business data breach analysis has figured in the many threats posed against companies utilizing point-of-sale technology. Store-based devices aren’t entirely safe from malware, malicious users or false authentication. Similarly, the following habits can severely compromise a customer’s security at, and after, the register:

  • Writing down credit information by hand
  • Using insecure mobile applications for promotions
  • Improper maintenance of addresses, social security numbers and credit card data
  • Easily accessible information systems

ABTK-small-blog-image-paymentprocessing-02The Importance of Employee Training

Delegating business tasks effectively ensures a resource-savvy business. However, employee training benefits the customer’s security directly.

Task distribution promotes business connectivity, and a well-connected business may further assist its customers. When employees aren’t trained effectively, however, their customer attentiveness may dwindle. Similarly, they may forget or fail to execute vital actions needed for customer safety.

Anyone operating a business register or information database should be capable of utilizing supreme precaution. A negligent employee may not mean to compromise a customer’s information—but poorly trained job skills can absolutely exploit important information.

ABTK-small-blog-image-paymentprocessing-03Credit Card Security

Forgers often utilize fraudulent credit cards and their potential danger should be understood. This primarily affects the business, rather than the consumer. However, anything capable of targeting a business’s secure data infrastructure should be considered a vital security risk to everyone involved.

When examining credit cards for purchases, merchants must remember to check the following:

  • Valid expiration dates
  • First four account numbers above the card’s first four numbers
  • Three-dimensional security hologram
  • Matching signatures

Fraudulent credit cards can affect a business when high-tech sales processing machinery is forgone, which is why maintaining comprehensive point-of-sale processing is incredibly important.

Remember: The consumer is relatively unprotected during most transactions. While a business actively maintains systems to ensure their own privacy and sustainability, consumers may be exposed. Proper routines, effective employee training and a watchful eye during transactions will not only protect the consumer’s information—it’ll breed a business atmosphere deserving of trust and success.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTK-SM-Blog-DataBreach-Hero

5 Bad Habits Putting Your Business at Risk for a Data Breach

A data breach occurs when an outsider obtains customer information, putting customers at risk for fraudulent charges and identity theft. It can also threaten the reputation of businesses.

There are useful practices and various steps a business can take to prevent such breaches.

ABTK-small-blog-image-DataBreach011. Sticking with old, familiar technology

It is important for businesses to keep up with technology. They must upgrade security in addition to the ways they process payments. While it can be more costly to move to the newest methods, it makes customer information much more secure. After all, those who would illegally gain access to customer information will be using new technology—so why shouldn’t your business stay one step ahead?

Target is an example of a major company that had a data breach due to outdated technology. To prevent this issue in the future, they’ve begun to implement the technology to be able to process mobile payments.

2. Using the same POS system across all stores

Business owners can be tempted to go with what they know, especially if they’re a chain. They become familiar with certain technology, and so they tend to use it in across all stores. However, this habit should be changed. Businesses need to have different computer systems for franchise stores, especially with regard to POS systems.

Jimmy John’s stores were the victims of a major data breach because many of their POS systems were the same. The perpetrators of the data breach were able to clone payments once they figured out how the POS systems worked. If the chain had different POS systems, the data breach may not have occurred.

ABTK-small-blog-image-DataBreach023. Not updating encryption

Encryption of information is the most important way to protect your customers. Encryption scrambles customer data, such as credit card numbers, and makes it unreadable. That way, in the event of a data breach, the information obtained is useless.

Home Depot was hit with a data breach that originated from malware. Home Depot’s security system could not protect against the malware due to how new it was. But, updated encryption software would have made the data unusable to those who created the malware.

4. Insecure employee login information

Employers must give employees access to computer systems and data in order to do their jobs. However, it is easy to become complacent with employee login information. Employee passwords may be easy to guess. Employee credentials may not be deactivated when an employee leaves. Business owners must cease those bad practices. Employee passwords should be complex and changed every few months. Credentials must be deactivated when an employee leaves.

eBay’s data breach occurred because the thieves used employee login information. It is not clear how the hackers had access to employee credentials, but if eBay had made employee credentials more secure, the data breach may have been prevented.

ABTK-small-blog-image-DataBreach035. Failure to watch computer systems

Businesses must regularly watch computer systems, especially POS systems, for signs of a potential security issue. They should look for any irregular transactions or payments. They should check the system for malware and viruses. It is easy to trust security, but vigilance will prevent a data breach from going unnoticed.

In the case of the Neiman Marcus data breach, they failed to check their systems. Not only did the data breach occur, but it went unnoticed for months, despite malware being on their POS systems. It is vital that businesses scan for malware and harmful programs on a regular basis.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS

9 Data Breaches That Rocked 2014 (And What You Can Learn In 2015)

2014 was the year of the data breach. One after another, big brands were subjected to malicious attacks by hackers that not only compromised countless pieces of customer data, but almost-irreparably damaged these brands.

Here are some of the more notable businesses affected by cyber criminal attacks during 2014:

large

1. Ebay

In May, eBay revealed that hackers had managed to steal the personal records of 233 million users. Usernames, passwords, phone numbers and physical addresses were all compromised. But the biggest victim: Ebay’s ego.

2. JPMorgan

Tens of millions of Chase customers were affected when accounts were infiltrated—even if their bank accounts weren’t. The attack touched 80 millions households and 7 million businesses, making it one of the largest in history.

3. Target

Last spring, Target confirmed that a large data breach from late 2013 affected 40 million customers. The company later announced that more data was compromised, reaching 70 million people. Proving that the shame is 100% on them for exposing customers twice.

4.  Home Depot

Home Depot announced last September that their massive data breach allowed cyber criminals to harvest information from 56 million customers in the United States and Canada. Vendor credentials were used to steal customer data.

5. Staples

Staples confirmed its payment system’s data breach–an incident in which 1.16 million credit and debit cards used were stolen over a period of up to six months. The criminals behind the breach have been accused of already using the card data for fraud.

6. U.S.P.S

Hackers attacked the United States Postal Service’s online network. Blame was quickly placed on hackers based out of China. The damage? 800,000 employees’ data was compromised, including Social Security numbers and addresses.

7. Domino’s Pizza

A “hacking group” held Domino’s Pizza hostage, demanding ransom for over 600,000 customer records obtained through a data breach. In exchange for the personal data (names, addresses, emails, phone numbers and even favorite toppings), the hackers demanded $40,000 from the pizza chain.

8. Verizon Wireless

Verizon Wireless experienced 1,367 data breaches and more than 63,000 security incidents in 95 countries during 2014. The company released their annual security report that painted a picture of the reality of data security (or lack there of) and the state of cyber crime.

9. Jimmy John’s

Customers who swiped their cards inside one of 216 Jimmy John’s stores were affected by last year’s data breach. Cards entered manually or online were not included in the attack. The information exposed may include the card number and in some cases the cardholder’s name, verification code and/or the card’s expiration date.

***

Data breaches are the new normal. 

So what can you learn from these big brands’ data breach incidents? That no business is truly immune from being the victim of a data breach–but you can practice best standards and practices by having a response plan in place.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTEK-BreakingNewsGraphic01

Possible Chick-fil-A Data Breach Compromises At Least 9,000 Sets of Credit Card Data

250px-PC_Chick-Fil-A_2012-08-01While the world was celebrating the arrival of 2015, hackers eyed a new data breach target: Restaurant chain Chick-fil-A. Jamie Condliffe at Gizmodo reports:

Chick-Fil-A has admitted that it’s “received reports of potential unusual activity involving payment cards used at a few of our restaurants.” Further reports suggest that the fast food chain is the common link in the loss of 9,000 sets of card details.

Chick-Fil-A learned on December 19th that suspicious payment activities were happening at some of its outlets, and its since been working with authorities to find out what’s happening. Some digging by Brian Krebs reveals that “nearly 9,000 customer cards [were] listed in that alert, and that the only common point-of-purchase were Chick-fil-A locations.”

It turns out that the size of this breach is larger than the Target data breach.  Details are still emerging–follow us on Twitter to stay current.


Stay up to date on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTEK-BreakingNewsGraphic02

Staples Hack Exposes 1.2M Credit Cards

You may recall that office supply giant Staples fell victim to a data breach not too long ago. In the run-up to Christmas, the extent of that breach has come to light: About 1.2M credit card numbers are open to risk.

The breach, which was announced back in October, affected point-of-sale systems at 115 Staples stores–of 1,400+. However, experts are confident that the breadth of this hack won’t dent holiday shopping at the retail giant.

Read more at USA Today.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
PCI-1000x370

How Tokenization Works In One Simple Infographic

inchowtokenizationRemember that one time we spoke to the media about tokenization to help provide a guard against compromised customer data? We know that for most business owners, this kind of technology might seem like an unnecessary extravagance, but in this age of daily data breaches, it’s the kind of tech investment that can go a long way towards protecting your business interests.

Take a look at this handy infographic at Inc. which breaks down exactly how tokenization works.


Stay up to date on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS