How to maximize security when taking over the phone payments
Taking payments over the phone is commonplace for many businesses, and as a customer, you likely do it regularly. For providing deposits to paying for services, having the ability to pay over the phone is a great advantage for a customer, meaning they don’t need to go to a physical store, which is very convenient. Then, as a business, you’ll likely see a higher number of sales by offering the option to take virtual transactions. What can be difficult, though, is the possible security stigma that comes with this method of making transactions. Statistically, you’ll get more fraudulent payments when dealing with payment over the phone. What can you do then to minimize any potential issues?
Ensuring PCI compliance
The first step to take is to make sure that you’re PCI-compliant, which stands for Payment Card Industry Security Standard. This is a number of policies that dictate how you should store your data, make payments, and hold data. If you take payments online, then you’ll most likely be using a virtual terminal or PaymentCloud to process the transactions. The simplest way to make sure that you’re PCI-compliant is to pick a payment processor that’s already operating to these standards, and simply let them handle your transactions.
It’s also possible to become PCI-compliant yourself, and the first step to take is to find out what level of compliance you’re currently at. You’ll need to check this with your bank and payment provider, and then fill out a questionnaire and several additional documents that can be submitted to the various payment providers you work with. This will take some time and effort but is important, and if you don’t feel comfortable, it’s recommended that this is outsourced if possible.
Maintaining security standards
This is a relatively simple step, but always needs to be followed. When taking payment from someone over the phone, you need to ask for all the relevant card details to ensure a secure transfer. This will include the card number, expiry date, and the security CVC or CVV code on the back of the card. Without all three of these, you can’t make a secure transaction. Also, you may need to make an additional check, such as asking for the payee’s address and crosschecking this with what’s on the security system.
Be careful with your choice of a payment provider.
As mentioned, your payment provider should already be PCI-compliant, and if they aren’t, it will be worth checking why this is and consider moving to a provider that offers the necessary security. Also, some payment providers add additional layers of security to their offering, such as limiting transactions that can be made over the phone. This means that even if someone can make a fraudulent transaction, they will be limited as to how much they can spend.