Selling online can be great for your business as it expands your potential customer base to all those connected to the internet. But it also can expose your business to fraudsters, cyber vandals and criminals.
Fraudulent purchases can result in lost revenue and reputation and dealing with credit card chargebacks can be time consuming and make it difficult to assess your current financial position.
Having an online shop can expose your systems to unauthorised access and theft of customer information such as credit card details. Vandals and criminals can also attempt to disrupt your business through denial of services attacks, typically to extort money.
To take full advantage of the digital economy you need to put in place some simple security measures so your business and your customers are protected.
- Keep a look out for suspect online orders. Taking steps to verify a buyer is genuine when you receive an order will save you the potential hassle of a credit card charge back later, and may prevent fraud.
- Secure your e-commerce website. Use the latest version of your e-commerce software and make sure your server is secure (see secure your computers and servers).
- Use strong passwords and change them regularly. Particularly in securing customer financial data.
- Don't store private customer data and credit card details on a public e-commerce server. Store these details offline
- Regularly monitor and test your e-commerce systems. Conduct penetration tests of your systems and audit your security practices to ensure best practice.
On this page
- Identifying suspect online orders
- Secure your e-commerce website
- Help and resources for online businesses
Fact sheets and resources
AusIndustry www.ausindustry.gov.au is the Australian Government's principal business program which provides support and resources for small businesses wishing to take advantage of the digital economy.
e-business guide www.e-businessguide.gov.au
Identifying suspect online orders
There are a number of warning signs that can help you identify suspect online orders:
- Using the most expensive shipping methods.
- Ordering the most expensive products or unusually large quantities.
- Using free, web-based email addresses.
- Different credit card and delivery addresses.
- PO Box delivery addresses.
- International orders.
- Unusual order patterns: for example, orders placed in the middle of the night or in rapid succession.
If you suspect a fraud, there are some ways you can check:
- Call the 'buyer' and ask to speak to the cardholder. Do they sound genuine?
- Ask for a fax of the back strip of the credit card or proof of name and address.
- Check dubious card details with your payment provider to see if the address, security code and postcode match.
Take steps to protect yourself against fraud:
- Consider only delivering to credit card billing addresses.
- For business to business sales, run a credit check on new customers.
- Consider adopting a verification program available from Visa or Mastercard.
- Take advantage of any fraud screening programs run by your payment services provider.
- Get the card security code for credit cards (the extra three security digits on the signature strip) and check it.
Secure your e-commerce website
Make sure your ecommerce website is secure. If you have created your own ecommerce server rather than using a third party hosting company, it is especially important to make sure that the hardware and software is secure. In summary:
- Use the latest version of any ecommerce software. Old versions may have security flaws that hackers can exploit.
- Use strong passwords throughout the system. Don't leave any password set to its default value.
- Make sure the server is protected by an effective firewall and anti-virus software.
- Monitor log files carefully to spot any attempts at intrusion.
- Don't store customers' private information and credit card details on a public ecommerce server.
- Protect your SSL details and keep them secret.
- Consider getting a professional firm to test the defences on your ecommerce system.
Help and resources for online businesses
Do you want to know how to get more from your web presence to help you increase your bottom line? Are you looking to expand your opportunities through an online shop? Or do you know a small business looking for assistance on how to get online, or understand the benefits and potential opportunities by being online? The Small Business Online program is a Government initiative that has funded 47 service providers across Australia to help small business flourish online.
Contact: If you would like to find out more about the Small Business Online program, please contact the AusIndustry hotline on 13 28 46 or firstname.lastname@example.org.