Storing Credit Card Details: The Dangers and the Alternatives

By

Katelin Johnston

If you run a business that takes payments in-person, over the phone or online, you've probably wrestled with the question of whether or not to store your customers' credit, or debit, card details. On the one hand, it can make things more convenient for your customers if they don't have to re-enter their information every time they make a purchase. On the other hand, storing credit card details comes with a certain amount of risk. In this blog post, we'll take a closer look at those risks and explore some alternative payment methods that don't require you to store sensitive customer information.

Interested in what we’re saying?

CONTACT US

The Risks of Storing Credit Card Details

If you choose to store credit card details on your website or in your company's database, you need to be aware of the potential risks involved. First and foremost, there's the risk of a data breach. If your systems are hacked, criminals could gain access to your customers' credit card numbers, expiration dates, and security code— everything they need to make fraudulent charges. Even if you have strong security measures in place, data breaches can still happen. Just ask Optus or Medibank. In fact, according to PwC's 2018 Global Economic Crime Survey, 36 percent of companies experienced some form of economic crime in the last two years, with cybercrime being the most common type of economic crime reported. 

Even if your systems are not breached by an outside party, there's still the risk that employees could misuse customer credit card information. Employees with access to this information could make unauthorised charges or sell customer information on the black market. To minimise this risk, it's important to have strong internal controls in place and to limit access to sensitive information on a need-to-know basis.

There are risks associated with storing credit card details, but there are also alternative payment methods available that don't require businesses to store this sensitive information.

Alternative Payment Methods

If you're concerned about the risks associated with storing credit card details, there are alternative payment methods & processes available that don't require you to store this information, whilst guaranteeing your customers privacy. 

Two popular options are Pebl and Stripe. With both of these payment processors, customers enter their credit card information on a secure page hosted by Pebl or Stripe. The payment processor then transmits the payment information to the merchant (i.e. the business owner) without ever storing the credit card details on their own servers.

Stripe is a technology company based in the United States that provides payment processing and e-commerce solutions for businesses of all sizes. Stripe allows online businesses to accept credit cards and ACH payments, as well as process transactions in multiple currencies.

Based in Sydney, NSW, Pebl is a QR code-based payment provider that offers a simple, convenient way to pay for goods and services. Pebl allows businesses to accept payments in-person using QR codes, or via SMS, Email, Facebook messenger or WhatsApp by sharing payment request links. This not only makes payments quick and easy, but it also eliminates the need for cash or credit cards.

Conclusion

There are risks associated with storing credit card details, but there are also alternative payment methods available that don't require businesses to store this sensitive information. If you're concerned about the risks of storing credit card details, consider using a service like Pebl or Stripe, which will allow your customers to pay without revealing their credit card information to you. Both providers allow customers to also pay via Apple Pay, Google Pay or Samsung Pay, making it even safer for you and your customers to process payments. Whichever method you choose, be sure to keep security top-of-mind to protect both your business and your customers from fraud and theft.