Tips for keeping your business and data safe from cyberattacks
Cyberattacks are a top concern for eCommerce platforms. Data breaches cause financial losses and damage your reputation. That’s why you need a trusted provider to handle your payments. And they must keep your money and your data secure. Here are some tips for keeping your payments and data safe.
With data being dubbed “the new gold,” security breaches are becoming commonplace, especially for international businesses. If you need to process a high volume of cross-border payments, you need a trusted provider to handle your valuable transactions and keep both your money and your data secure.
According to data from the 2019 AFP Payments Fraud Survey, 82 percent of companies were targets of payments fraud last year. And the Merchant Risk Council (MRC)’s 2019 Global Fraud Survey Results show that 96% of all eCommerce businesses report experiencing fraud attacks.
New data privacy laws like the GDPR and the Australian Privacy Act are also changing the payments landscape. The impact of data breaches extends far beyond financial loss and significant fines to loss of reputation, trust and customers.
Data security risks and recommendations
Account takeover (ATO) is near the top of the MRC’s list of fraudulent attacks experienced by eCommerce businesses. ATO involves an attacker stealing a user’s login credentials to break into their account, where they can access private information. This is frequently used for the purposes of credit card fraud.
Malicious emails are a primary weapon of choice for cyber attackers, with phishing and business email compromise (BEC) topping the list and social media not far behind. Criminals are increasingly using social engineering to hijack accounts and trick organizations into wiring large amounts of money into these accounts. As the lines between business and personal communications blurs, these attacks are becoming more difficult to spot until it is too late.
Some recommended best practices to help keep your data safe include:
- Train employees on data security protocols, including how to recognize these scams, how to protect sensitive data, and how to report threats.
- Password security is paramount — not just creating a secure password, but not sharing it, writing it down, and changing it regularly.
- Implement access controls to ensure that only the right people have access to the right data, and only when needed is always a good policy.
- Encrypt sensitive data to ensure it doesn’t fall into the wrong hands.
- Keep hardware and software up to date with the latest security patches and threat protection software.
Addressing payments data security
When you’re looking for a payment provider, it’s important to know what to look for and what questions to ask. A trusted provider with proven security protocols that can also demonstrate compliance with international financial and banking regulations can help give you peace of mind.
When partnering with Payoneer, you are guaranteed that all of your disbursements are made through a fully compliant, secure and tightly audited payments platform that is recognized and valued by financial regulators all around the world.
The Payoneer platform features multiple layers of information security and risk technologies that keep you protected against fraud and breach attempts, including registration fraud and account takeover. (Read our blog post, “Securing Your Payoneer Account” for more details.)
Third party tools are implemented at various layers of our platform, including 41stParameter, RSA Adaptive Authentication, MaxMind, AU10TIX, InRule, IDChecker, G2 Web Services and IBM content analytics. This technology, our operations and our years of experience have proven invaluable in preventing all kinds of cyberattacks targeting the organizations that use Payoneer, their sellers and buyers.
- Password security — Payoneer users set up their own passwords, which are encrypted and inaccessible to anyone inside Payoneer. All personal data, as well as each transaction, is protected by strong encryption that makes data unreadable. Any information we receive is protected within our network by secured firewalls.
- Fraud and scam prevention — Every transaction is heavily guarded behind our firewalls and sophisticated anti-hacking techniques. We monitor all transactions to prevent fraud, identity theft, phishing encounters and other attacks. Once a probable attack is identified, our dedicated teams of security specialists investigate the source and take precautions to protect your account, as well as those of other account holders.
- Virtual and physical protection — We back up all your data, all the time. Plus, we protect the physical security and integrity of all data. We are constantly updating our protocols to prevent losses to our facilities through fire, physical theft and accidents. Every access point, either hardware or software related, is protected by secured firewalls and virus detection systems which eliminate tampering and hacking. We apply software patches regularly to close any potential breaches in security, and our systems undergo a mandatory annual and comprehensive PCI audit.
A trusted global provider
- Multi-jurisdictional licensing – Payoneer is registered as a Money Service Business in the US, is licensed as a Money Transmitter in all required states, holds an e-money license in the EU, is a registered as a Funds Transfer Service Provider in Japan and is a licensed MSO in Hong Kong.
- PCI-DSS certification – Payoneer holds Level 1 Payment Card Industry (PCI) Data Security Standard certification (the highest level!), so you know that any personal and credit card data is safely stored and secured.
- Top-level KYC – Our world-class forensics techniques and extensive experience in managing payments related risks let you leave complex KYC due diligence in our capable hands.
- Strict AML procedures – Payoneer adheres to anti-money laundering policies and procedures in full compliance with FATF-GAFI, EU and US regulations, and strict KYC/CIP processes based on payment method and country.
- Global sanctions screening – Protect against registration fraud by screening each payee submitted during the registration process against sanctions lists including OFAC SDN, PEP, HMT, RES 1988, AQ and CFSP.
- Regular audits – Payoneer is audited monthly, quarterly and annually by the world’s leading auditors.
Related resources
Latest articles
-
A guide to starting a business in Estonia as a non-citizen
If you’ve thought about opening a new business somewhere with plenty of government support, expanding your business into the EU, or making it easier to work as a contractor or digital nomad anywhere in the European Economic Area (EEA), you should think about starting a business in Estonia…
-
Amazon Fees & Policy Updates 2024
Amazon regularly makes planned updates to fees and policies that may impact Payoneer customers that sell on Amazon. To keep Payoneer customers informed regarding upcoming and past updates, we’re providing a list of known changes to Amazon fees and Policy updates.
-
How Payoneer’s target exchange rate feature will help you save more on bank withdrawals
Boost savings with Payoneer’s target exchange rate feature.
-
Navigating phishing attacks: A guide to keeping your Payoneer account secure
Keeping your funds safe is our number one priority at Payoneer. While phishing attempts can happen, arming yourself with knowledge is key to keeping your data and money safe
-
Zoho Books and Payoneer integration guide
Learn how to seamlessly integrate Payoneer with Zoho Books. Follow our step-by-step guide to connect your accounts, create invoices, and manage payments efficiently. Optimize your financial operations today!
-
SMB Barometer 2024
Online report SMB Ambitions barometer 2024 Payoneer surveyed 3,779 SMBs across 15 countries to better understand their ambitions as well as their challenges. Dive into our second annual SMB Ambitions Barometer to learn how SMBs are navigating markets, securing capital, and overcoming challenges while pursuing global growth opportunities in 2024. A NOTE FROM OUR CEOWelcome…