Basic Payment Security Issues for your Website/Application


Assessing Website Security

When looking to accept payments online, one of the pertinent issues you have to take care of is the security of your customers’ data. With rampant incidents of identity theft and online fraud, customers are wary of giving out their personal data and credit card information online. How can you make customers feel confident to shop at your website or pay to use your application?

If you want to start or expand your business operations online, there are a number of things you need to consider. At this time, we are assuming you have already identified your market, researched the viability of your product and want to start selling it online. Here are some payment security basics you should address before you launch your site:

1. Privacy Policy

You need to have a privacy policy that will make customers comfortable shopping at your site. Customers want to know that their information will be kept secure and confidential and will not be used for malicious purposes. They need to know what you plan to do with the data you collect. If customers don’t trust you, good luck with making sales. AllBusiness has a good guide on what your privacy policy should contain.

Here is an infographic on customer concerns with online payments:



2. Secure Transactions

Ensure that your online transactions will be secure. Use SSL (Secure Sockets Layer) encryption to ensure your customers’ personal and credit card data is not compromised or exposed to third parties during transactions.

SSL is an encryption technology that creates a secure connection between your web server and your user’s web browser, and encrypts the information transferred between them. The protocol in use today is SSL’s successor, TLS (Transport Layer Security), although the certificates are still commonly called SSL Certificates. The encrypted connection protects against message forgery, data tampering and eavesdropping by third-party users or applications.

To enable SSL on your website, you need an SSL Certificate. Your web hosting company is likely to offer SSL Certificates. You can also purchase the certificates from other hosting companies. Once the certificate is installed, your customers’ data is encrypted in transit between their browser and your site.

When your site is secured by SSL, its address changes from the standard “http://” to “https://”. When browsing a secured website, the URL will always start with “https://”. You can see a “padlock” icon in your browser and sometimes the address bar will be green.
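One way to confirm the certificate is correctly installed, as an added example that is not part of the original post: the Python script below connects the way a browser would, verifying the certificate chain and hostname, and then reports an expired or soon-to-expire certificate or an obsolete protocol version. The function names, the 14-day renewal threshold and the sample certificate are assumptions made for illustration.

```python
import socket
import ssl
import time

MIN_DAYS_LEFT = 14  # assumed renewal threshold, not taken from the article

# Constructed sample in the shape returned by SSLSocket.getpeercert()
SAMPLE_CERT = {
    "subject": ((("commonName", "shop.example.com"),),),
    "notAfter": "Jun 30 12:00:00 2030 GMT",
}


def review_connection(cert, protocol, now=None):
    """Return a list of problems for an already-verified certificate and protocol."""
    now = time.time() if now is None else now
    problems = []
    days_left = (ssl.cert_time_to_seconds(cert["notAfter"]) - now) / 86400
    if days_left < 0:
        problems.append("certificate expired")
    elif days_left < MIN_DAYS_LEFT:
        problems.append(f"certificate expires in {int(days_left)} days")
    # SSLv3, TLS 1.0 and TLS 1.1 are deprecated; expect TLS 1.2 or 1.3.
    if protocol not in ("TLSv1.2", "TLSv1.3"):
        problems.append(f"obsolete protocol negotiated: {protocol}")
    return problems


def check_site(hostname, port=443, timeout=5):
    """Connect to hostname over TLS and return a list of problems (empty = OK)."""
    context = ssl.create_default_context()  # verifies chain and hostname
    try:
        with socket.create_connection((hostname, port), timeout=timeout) as sock:
            with context.wrap_socket(sock, server_hostname=hostname) as tls:
                return review_connection(tls.getpeercert(), tls.version())
    except ssl.SSLCertVerificationError as exc:
        # Untrusted issuer, wrong hostname, or expired certificate
        return [f"certificate rejected: {exc.verify_message}"]
    except OSError as exc:
        # Handshake failures and network errors
        return [f"connection failed: {exc}"]


if __name__ == "__main__":
    # Offline demonstration on the constructed sample; for a live check,
    # call check_site() with your own hostname.
    print(review_connection(SAMPLE_CERT, "TLSv1.3") or "no problems found")
```

An empty list from `check_site()` means the certificate was accepted, matches the hostname, is not close to expiry, and a current TLS version was negotiated.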

3. Accepting Payments

Having secured your website, you need a way to accept payments from your customers. You can use an in-house billing system or integrate your site with a third-party payment processor.

Setting up your own checkout system can be expensive and not worth it in the long run. You will have to invest in infrastructure, support, security and manpower to get your system running. This can cost you from $10,000 to over $250,000 in development. For cloud startups and small and medium-sized businesses, building your own billing system may not be a good option.

To process payments on your own, your company must comply with the PCI Data Security Standard (PCI DSS). You can use the PCI DSS Self-Assessment Questionnaire (SAQ) to self-evaluate your company for PCI compliance. You may need to share these details with your acquiring bank.

Another option is to use a hosted billing system to process your payments. Customers can check out at the payment processor’s page. By using a third-party payment processor, you will not handle your customers’ credit card data as they do everything for you. Your only work is to get a merchant account and a payment gateway.

What other payment security issues can you think of? Please share them using the comments box below.

Author of the post

John Solomon

Marketing Leader / Sales Enabler. Head of India Operations for @Infrascale / @sosonlinebackup.
