Saturday, January 16, 2010

Seize back control of your online business

As any astute online business owner will tell you, good control is a basic fundamental of good management.

Nobody would think to operate a business without having at the least a decent level of control over it.

Yet, when you accept credit cards online via the current real time online credit card payment processing system set up to handle things automatically you hand over one of the most critical of decision making responsibilities to systems beyond your control.

When accepting credit card payments 'live' online your third party payment gateway processor in association with your merchant account system will, in effect, make the decision as to what orders and credit cards your business accepts and charges.

You can be fast asleep then wake up to find your business has already accepted 20 payments for items or services without even you knowing. This is what live processing of credit cards online is all about - blindly attempting to transact credit card payments entered by anywhere and from anywhere on the open internet.

While automation may be a wonderful thing to some businesses the fact is you are completely blind to the process and are at the mercy of systems not under your control.

But what happens when their systems fail and it processes a credit card payment that later turns out to be fraudulent? What happens when all the much touted (and costly) extra terrific "fraud screening plug-in's" or fantastic "fraud alert system" add-on's fail? Do they take financial responsibility for their own system's failure?

No. It's your fault. You are the one to wear the loss!

Absolutely outrageous, that's what I say.

You only have to look at the growing 'card-not-present' credit card fraud statistics to learn this is becoming an increasingly dangerous likelihood for many online business owners.

In fact, near all of the online credit card fraud in the world today is perpetrated via the real time live online credit card processing method.

For those within the online payment processing industry this is of course perfectly normal practice. Indeed, some may even think it down right troublesome of me to be bringing this strange anomaly to light, after all, this is the way its always been, this is how its done to this very day and this is exactly how the powerful online credit card processing industry plans on keeping it.

Well, despite it not winning me any friends within the industry, I'm here to tell you that's not the way it has to be any longer.

Times are changing and people are starting to make decisions to protect themselves and their online businesses. No longer do you and your business need to be exposed to this absurd risk.

The e-Path manual credit card payment gateway puts an immediate end to the potentially devastating 'Russian roulette' nature of accepting credit cards online where you as the business owner have no control over what credit card payments your own business accepts.

With e-Path it is the bank approved merchant faculty owner who will safely charge the card offline, well away from the risks of the open internet, should they choose to accept the order in the first place. The business owner is in control of their business.

The online business owner of course still needs to be vigilant because they are receiving card not present payments but with e-Path you have the opportunity to check highly pertinent information about the buyer first BEFORE any harm is done - something you can not do when set up to accept and transact credit cards live and automatically online with the much more expensive real time online payment processing method.

So not only is e-Path a less expensive and more secure system but e-Path is also ideal for those who want to accept credit cards online but don't want online orders and payments to be automatically accepted and charged blindly on the open internet without them knowing.

Seize back control of what orders and payments are accepted online and save a considerable amount of money along the way.

... just a thought
Peter Thwaites

Wednesday, January 13, 2010

Is CDU Compliance the future of ecommerce?

At the end of today's rambling you will have a clear understanding of exactly how the vast majority of the world's credit card fraud can be terminated.

Not quite the same as disclosing the cure for cancer but considering highly sensitive credit card and identity data theft and credit card fraud are all considered the electronic cancers of our day and age, then perhaps pretty close.

It is called CDU (Critical Data Unlpugged).

Have a read of that section and you'll end up with the knowledge that has either completely eluded the mega-billion dollar online payment processing industry or perhaps is being quietly ignored by choice.

But first let me make the important point that CDU (Critical Data Unplugged) is not an official data security standard. It is not enforceable by any established authority.

CDU (Critical Data Unplugged) is a genuine local initiative to term the absolute fool-proof security practice of terminating the core root reason why the vast majority of critically sensitive and private information becomes available to be compromised in the first instance.

It's all about promoting the complete removal of all critically sensitive and highly confidential data from being permanently stored online, in any database, network, storage device or internet connected system. When data doesn't exist it can't possibly be stolen.

The force behind the new CDU initiative originated directly from Police and law enforcement authority advice to the general public and business communities on how to guarantee total and absolute protection for all forms of critically sensitive information in the internet connected world, not just credit card and identity data.

Police and law enforcement authorities don't mess around. Keeping people safe and secure is their purpose, they are not motivated or influenced by what makes money or what doesn't make money.

There will perhaps always be card skimming type scams (or similar), or wallets and purses being stolen, but in reality the fraud derived from credit cards stolen from these methods represents only a very small portion of credit card fraud today

By far the real issue is internet borne theft of sensitive data and fraud perpetrated on the internet.

The overwhelming majority of the world's stolen credit card and identity data can be traced back to that data being compromised (hacked, copied, stolen etc.) when permanently stored online, within payment processing systems, on e-commerce websites, from networks, from storage devices or from internet connected systems.

Real time credit card payment processors have the unenviable reputation of being "where it's at" for hackers, cyber criminals and online criminal gang syndicates intent on stealing big numbers of credit card details. And with the possibility of huge numbers of highly sensitive credit card details permanently stored within their systems, its like a red flag to a bull, the perfect made to measure pot of gold target for online criminals.

Same is the case with any website, online storage device or anything similar that permanently stores sensitive credit card and identity data. However ....

1. When data doesn't exist it can't possibly be stolen or compromised.
2.  Without any credit card or identity data being stolen or compromised then credit card fraud would dry up to a trickle.

The understanding of those indisputable and fundamental facts and the bold preparedness to implement ground-breaking practices, policies and processes based on them has the potential to turn dreams of a world without credit card fraud into an absolute distinct possibility.

This is what CDU (Critical Data Unplugged) is all about. 

We live in a world of electronic devices, where internet systems, networks and online storage appliances are very much a part of how the business world operates. For many businesses it would simply not be possible to operate effectively if they no longer stored sensitive information within their systems.

However, this is absolutely no excuse to throw in the towel on efforts to end credit card and identity data theft and to halt online credit card fraud.

CDU security practices are being adopted, by choice, by people and many businesses courageous enough to move away from permanently storing sensitive data on internet connected systems, storage devices and networks in order to afford themselves and their customers with by far the most effective data protection ever proposed in this age of the internet.

e-Path is one such company.

To learn how e-Path came about, see: About e-Path Pty Ltd.

By venturing well in advance of established automated architecture and mechanics and by operating to CDU security ideals, e-Path is able to deliver a brand new method to accept credit cards online that is now closer than ever before to achieving the 'Holy grail' in online cardholder data security ...

You can't thieve something that doesn't exist.

And there rests the key to a future without credit card fraud.

... just a thought
Peter Thwaites