Here’s why you should stop taking credit card information over the phone and shut off manual payment on your credit card terminals
In today’s fast-paced society, dealerships are faced with the difficult position of wanting to accept payments for their customers that are quick and simple. While at the same time providing the highest level of safety and security.
Dealers who take credit card payments over the phone can be victimized if they are not aware of fraud protection practices or are not abiding by Payment Card Industry (PCI) standards. In the case of credit card fraud, not only do the merchants lose the product sold, they are often required to pay back the funds to the financial institutions.
A higher rate of fraud
Statistics show that card-not-present (CNP) transactions have a higher rate of fraud than card machine payments. CNP includes over the phone payments where the cardholder does not physically present the card to the merchant.
“Card not present transactions pose a serious risk for businesses and individuals. CNP is the most prevalent type of credit card fraud. It reached $537.3 Million CAD in 2016 and continues to rise.”
creditcardscanada.ca
Customers have come to expect secure transactions processed and authorized in real-time. Yet, many dealerships do not realize the risks involved when collecting sensitive payment card information over the phone. What would happen if your customers experienced identity theft and fraud that occurred as a result of doing business with you? Not only would you run the risk of losing that customer, you would have to convince your remaining customers that your dealership is a safe place to do business.
Surprisingly, it’s humans, and not technology, who are the weakest link in the payment processing chain. Staff can account for the majority of data breaches. Having employees have access to sensitive credit card data by hearing it spoken by the customer in order to write it down or enter it into their DMS or CRM system puts you at risk from fraud. Think of all the ways human error can increase the risks when taking payments over the phone:
- Untrained employees
- Unethical behaviour
- Privacy breaches – losing data, hand written credit information left out, computer left unattended
- Unethical behaviour of people in proximity to your employees/customers
Compliancy can be complicated
To be compliant, businesses that accept or process payment cards over the phone need to adhere to the Payment Card Industry – Data Security Standards (PCI-DSS). Here’s a short list of what some of those standards call for:
- Staff hearing credit card data over the phone require the scope of background checks and security awareness training
- Employees need to know how to handle data securely. Written records of the credit card data must be shredded immediately after processing
- If the information is being entered anywhere in your system, numbers must be truncated to only display the last 4 digits
- Systems and workstations been configured with technology such as heightened network perimeter security, antivirus software and firewall protection systems
If you can’t say yes to all of the above, then you need to STOP taking credit card information over the phone immediately and shut off your manual payment on your credit card terminals!It’s not a question of IF a credit card fraud will happen at your dealership, it’s a question of WHEN!.
Mobile Cashier eliminates compliance risks
So, how can you identify a secure technology solution for processing payments over the phone? The answer is simply not to! Don’t write information down, don’t manually enter credit card numbers or store sensitive data at all. The best way to comply with PCI Data Security Standards is to remove that form of payment entirely.
Technology solutions like Mobile Cashier, obtain real-time authorizations securely using a simple, safe and secure payment link. Send payment links by text or email so customers can pay directly from their mobile device or computer. No special software or App is needed. The secure payment link takes them directly to a Dealer-branded payment page to review their invoice summary and then proceed to the secure payment page where they need only enter their credit card and CV numbers. It’s that simple, that safe and that fast.
