As a small business owner, you clearly realize that you can only compete with the big dogs in your industry if you accept credit card payments. You also understand that it’s a weighty responsibility to handle all that credit card data.

So, you set up to accept those credit cards and now accept online payments on your website. You invested in SSL protection. Your customer credit card data should be safe, right?

We are sorry to tell you that while you have made a valiant effort and your head is in the right place, you are still leaving your customers open to credit card fraud.

If we had to give you a report card right now, you’d earn a “C.” You’ve offered your customers only average data security. And, your customers deserve more than a C. Quite frankly, your business deserves more, too!

When you handle credit card numbers in a less-than-secure environment, you open yourself up to losses. You can be held responsible legally if a hacker breaches your data.

Don’t leave credit card payments to chance—be confident your data is secure by choosing EmailMeForm Vault.

We’ve assembled some best practices for handling credit card payments safely, every time.

#1 - Never write down credit card numbers

Even though you have a website, some users might feel uncomfortable with shopping online and call you to place an order. Or, a user calls you with a general question, and you close the sale by phone.

Resist the temptation to use a pen and paper to jot down any credit card numbers. Instead, you should enter data directly into an order form and payment form to protect your customer. That practice can lead to credit card theft.

A recent article cites dumpster diving for important paperwork as one of the top ways that those perpetrating identity theft start by collecting consumer data. Sadly, shredding doesn’t always help matters.

Identity thieves will spend time reassembling shredded paperwork as happily as if they were completing a puzzle on a rainy Saturday afternoon.

#2 - Don’t store credit card data onsite

Not only should you write down at-risk data on paper, but you should also not store credit card data onsite. Ever. Not on your computer, not in the customer’s paper file, not even taped underneath your keyboard.

Store credit card data, customer demographic information, and purchase history securely using online forms that capture data then file the information away to be used only by your most trusted employees.

Storing data onsite exposes you to fraud to occur in a place the often catches employers by surprise—from their employees.

Statista shared a study conducted by America’s National Retail Federation in 2018. The study surveyed retailers about the sources of merchandise theft in their businesses. Shockingly, 33.2 percent of those losses came from employee theft or fraud.

credit card fraud

While this survey specifically targeted retail losses, it does underscore the fact that you must be vigilant against this security lapse.

#3 - Establish strict credit card handling policies and put them in writing

Whether you use online forms to manage e-commerce transactions or have a brick-and-mortar location that accepts card payments, or a combo of both, you must establish strict credit card handling policies.

Write a credit card handling policy that fits your specific business model and outline them in your company handbook. This written manual will serve as a beacon of a company culture that’s attuned to data security.

Motivational speaker, Greg S. Reid, once stated:

A dream written down with a date becomes a goal. A goal broken down into steps becomes a plan. A plan backed by action makes your dreams come true.

Make your vision of a secure company a reality by putting that goal in a tangible written format.

#4 - Educate your team about safe handling of credit card data

If you have a staff, you’ve probably heard the following excuses:

“I didn’t know.”
“Nobody told me.”
“‘They don’t train us right.”

You can implement the strictest credit card handling protocols possible in your business. However, it’s all for naught if you don’t get your staff on-board.

Meet with your staff to lay down the new law of the land about credit card data.

If your employees don’t understand the full impact of the risks of identity theft and fraud, you cannot expect them to be able to visualize the consequences of their actions.

Most of your employees value their jobs, and they have your best interest at heart. They will hop on board once they fully comprehend the dire need for data security.

Close your meeting by asking your employees to sign off on the new policy manual you created in point #3. You can even collect this data securely and safely by creating an EmailMeForm and requesting they sign with digital signatures.

#5 - Use a PCI-compliant form company for storing data safely

Embrace online forms collecting online payments and handling credit card data. The most secure form companies are those that are PCI-certified (versus PCI-compliant).

These companies (ahem, EmailMeForm is one such company) take extreme measures to secure customer data. And, the Payment Card Industry’s independent auditors have verified our commitment to security. In short, the strenuous PCI-certification proves that we handle form data safely.

Next, we take payment forms and credit card authorization forms a step further and store them for you in the EmailMeForm Vault. This storage option locks away customer data so that it can only be retrieved using multi-factor authentication.

You can get no safer than the EmailMeForm Vault!

Start Taking Safe Credit Card Payments

There is no time like the present, right now, to begin taking safe credit card payments, creating a policy manual, and educating your team on how vigorously you plan to implement this new culture.

You will be able to tout your added safety measures to your clientele, strengthening their loyalty to your company simply because you value their online safety.

PCI-cetified collect credit card

Author Deborah Tayloe

Deborah Tayloe

Deborah is a blogger and freelancer who often writes for EmailMeForm. When she’s not blogging, you’ll probably find Deborah working on DIY projects around her home in North Carolina.

Actionable data insights create new revenue opportunities, increase efficiency, and cut costs, but many executives still operate on gut instinct.

Creating business value from big data

GDPR Explained: the Basics

Demand for cybersecurity professionals rises as the industry fails to keep up with growing risk.

Cybersecurity Workforce Shortage

As education transitioned into the digital age, schools have an increased responsibility to safeguard their students’ data.

Schools’ digital responsibility to ensure student data privacy

More blog posts