Head Office, Johannesburg, South Africa

An entrepreneur’s guide to credit card processing (Demo)


We’ve all heard of credit card fraud horror stories – like the PayGate scam of 2012 and the KFC breach earlier this year – that do little to alleviate our concerns about credit card security. As a consumer, credit card fraud threatens your personal savings; as a business owner, it’s not only you and your company’s assets that are at stake – it’s those of the customers you transact with. It might seem that becoming credit card processing savvy is a complicated task, but it isn’t. In this blog, we share the best tips to avoid being scammed and outline the need-to-know basics about credit card processing.

A merchant bank and a third-party processor are involved in processing payments

Credit card processing is simple. During credit card transactions a customer’s card is read by a card reader, or if shopping online, the credit card details are input into a payment gateway. This data is sent to the customer’s bank (the merchant bank) via a credit card processor. This processor can either be the bank or a third party. The bank authorises the payment and funds are sent from the customer’s account to the account of the recipient. The transfer of sensitive card holder information between these parties is when opportunistic cyber criminals can strike, stealing data that can be used to steal vast amounts of money.

Theft, forgery and fraud all count as credit card fraud

Credit card fraud doesn’t only pertain to complicated cyber attacks that infiltrate credit card processing. Credit card fraud can be as basic as a thief stealing a credit card out of someone’s wallet and using the card to shop online (theft). Then there’s skimming – whereby credit card data and PINs are stolen by a device affixed to ATM machines (forgery). The real threat to businesses is the credit card fraud that happens remotely from the credit card in question. For more information about the types of credit card fraud, refer to the Legal Dictionary’s page on fraud.

Here are some simple measures you can take to prevent both you and your business from being scammed:

  • Use an escrow service. When transacting with customers, there’s always a risk that they don’t make good on payments. One way to protect yourself from non-payment is by using an escrow service. Both you and the customer create free accounts and the customer deposits money into its secure payment portal. Once you can see the funds have been transferred you can then deliver the goods.
  • Choose a reputable credit card machine provider. A credit card machine is a small-business essential – especially if you operate out of a bricks and mortar store. An important way to ensure both your business’ and customers’ card information is kept secure is to choose a reputable credit card machine provider who is PCI (Payment Card Industry) certified to the highest and most recent level.
  • Protect your wifi. As simple as this sounds, making sure the wifi you use to do your online banking – most likely your home or office network – is protected with a strong password. If hackers can access your wifi network, they can also access your banking information.
  • Don’t bank on a public computer. Remote working is the norm these days, and there’s a temptation to get a bit of admin done in between meetings. However, don’t bank over a shared wifi network or on a public computer, even if you’re sure you’ve logged out. Logging into your online banking account should never be done in a café either – for the simple reason that anyone can look over your shoulder to garner sensitive data.
  • Don’t reposnd to phishing SMSs. Phishing is when a supposedly trustworthy institution contacts consumers over text or email, and invites them to update sensitive information such as passwords, date of birth or credit card details. If you receive these messages, like the ones outlined by FNB on their Latest Scams page, ignore them.
  • Use fraud protection offered by your bank. Fraud protection means that you will not incur any damages if you fall victim to credit card fraud. Instead, the bank will incur the cost of any theft. If you do notice fraudlent activity on your account, call your bank immediately.
  • Use a password manager app. The most effective way to protect your secure logins is to use strong passwords, and never to use the same password twice. Keeping track of all these is tricky, which is why a password manager app is a must. PC Mag highlights the best password manager apps for 2015

For more information on how the right credit card machine provider can help your business with secure credit card processing, download the EFTPOS brochure.

Download our EFTPOS brochure