A 2023 report by the Kaspersky Security Network found that Philippine websites were the second most attacked in the world. This sobering finding comes on the heels of the country’s unprecedented e-commerce growth, with the massive influx of new online businesses providing malicious parties with numerous targets. If you’re concerned about protecting your e-commerce site’s reputation and its customers, here are nine important steps you need to take:
1) Partner with a Reputable Third-Party Online Payment Processing Company
As the trends of e-commerce and cashless payments continue to converge, online payment portal selection will become increasingly critical for your business’s and customers’ safety. If you run a typical SME (small-to-medium enterprise), however, building your own in-house online payments gateway can be more trouble than it’s worth. Maintaining online payment platforms requires a serious amount of resources and regulatory compliance that a typical SME will not be able to consistently handle by themselves, making specialized third-party providers a key component of SME cybersecurity.
Among Philippine-based e-commerce startups and SMEs, Maya Business has emerged as the preferred online payment processing service provider, thanks to its products’ thoughtfully implemented security features. Notably, Maya Business solutions like Maya Checkout and Maya Terminal are compliant with the Payment Card Industry Data Security Standard (PCI DSS) for the secure processing of credit, debit, and virtual payment cards. In addition, Maya’s payment solutions are also able to process QR Ph codes and a wide assortment of digital wallets, ensuring all customers can have their preferred method of online payment processed securely.
2) Follow PCI-DDS Guidelines
While their compliance scope is reduced by using a third-party payment gateway, Shopify, WooCommerce, and other E-commerce store owners still need to comply with PCI DSS guidelines on the handling of customer data.
Part of PCI DSS compliance involves developing an internal Information Security program that maps out the path of cardholder data (CHD) as it goes through your business’s system and through any third-party payment processors. Beyond simple PCI DSS compliance, mapping out CHD is an important step, as it gives your cybersecurity team visibility of potential ingress points for malicious actions.
3) Choose a Good Hosting Service
As critical as your internet payment solutionsare, payment processing is not the only vulnerable part of your e-commerce operations. The quality of your hosting service can determine how fast security holes are patched and how frequently your data is backed up. Better hosting services also ensure fewer glitches and less downtime for your e-commerce site, further improving its offered customer experience and its resilience to cyber attacks.
4) Routinely Back Up Your Data
Frequently backing up your data limits your potential financial losses from data breaches, as well as data losses from hardware damage, as can happen during natural disasters or power surges. If you picked a good hosting service, chances are that most of your important data is already being backed up for you. However, your business probably also hosts some critical data on local devices, and this also needs to be backed up to ensure business continuity after a cyber attack or in case of hardware failure.
5) Get a Secure Socket Layer (SSL) Certificate
An SSL encrypts CHD as it moves from your customers' devices to your payment processor, addressing a serious vulnerability. Aside from keeping your customers safe, having an SSL on your site also reduces bounce rates and improves trust, as websites without an SSL certificate will trigger the dreaded “Page not secure” warning on some browsers, which may turn off about 64% of your site's visitors. Installing an SSL into your e-commerce site is, therefore, important for both the security and viability of your online business.
6) Compel Customers and Employees to Create Strong Customers
Strong passwords are necessary for repelling the brute force attacks commonly employed by cybercriminals to breach databases. Implementing basic practices for strong passwords and requiring multi-factor authentication for your site’s account creation and password resets can prevent many common types of cyberattacks without severely compromising the customer experience.
7) Train Your Employees to Avoid Social Engineering Threats
A large proportion of successful cyberattacks focus on the weakest part of online security systems—human users. All your employees need to be trained on how to handle unsolicited communications and, when appropriate, how to verify customer identities. Phishing emails, in particular, should be taken seriously as a large proportion of cyberattacks originate from these malicious messages.
8) Implement a Firewall
Firewalls act as a barrier between your internal network and external threats, allowing you to better control the types of users that can access your site. When paired with other critical cybersecurity measures, such as secure coding practices and intrusion detection systems, they can improve your site’s defense against distributed denial-of-service (DDoS) attacks and the alteration of your site’s code through Structured Query Language (SQL) injections. While they will not prevent all attacks of these types, properly implemented firewalls can still greatly reduce your risk of a data breach.
9) Keep Your Tech Up-to-Date
Buying new computers and software licenses may seem expensive, but passing payment data through older technology can present a serious risk to your customers. To avoid cardholder data breaches, be sure to periodically update any technology that handles customer data.
Keep Your Customer’s Data Safe with Maya Business Solutions
With its extensive experience in SME-oriented digital banking and financial technologies, Maya offers the best online payment processing for Philippine-based small businesses. Create a Maya Business Manager account today for trouble-free online payment processing and exciting growth opportunities.
After creating your Maya Business Manager account, you’ll be able to take advantage of the Maya 1-2-3 Grow bundle. This business growth bundle entitles you to a 1% MDR discount on all QR Ph transactions for 3 months after signing, saving you PHP 14,600 in transaction fees for every PHP 1 million in sales. As part of this bundle, you can also assign a Maya Business Deposit account as your settlement account. You’ll earn a 2.5% per annum interest on your deposit account, which translates to PHP 25,000 in interest per year on a PHP 1 million deposit. Unlocking Maya 1-2-3 Grow also qualifies you for a Maya Flexi Loan offer of up to PHP 2 million in just 3 months, giving you more funding for business expansion. Sign up for a Maya Business Manager account today to enjoy secure online payment solutions and to take advantage of the Maya 1-2-3 Grow bundle.
Merchant inquiries:
Maya is powered by the country's only end-to-end digital payments company Maya Philippines, Inc. and Maya Bank, Inc. for digital banking services. Maya Philippines, Inc. and Maya Bank, Inc. are regulated by the Bangko Sentral ng Pilipinas.
www.bsp.gov.ph