Having even one credit card number stolen from your site can tarnish your reputation and impact sales for years. It is important to be aware of potential security flaws and how to mitigate them to protect yourself.
“A breach of cardholder data can be big money in fines and remediation efforts. If there isn’t a need to keep this data, it’s suggested that it’s not kept at all,” suggests John Carr, owner of Bluebird Consulting, a Detroit based security firm. “For many ecommerce sites, the best option is simply to work with a third-party processor that will not only process credit cards, but also be the payment site [to store the data] as well.”
Many ecommerce sites store customer data and credit card numbers well after they are needed. Even with a secure website, credit card numbers could be stolen by any person (employees, contractors, cleaning people and building support, for example) who has access to your servers. Hold data only long enough to process the transaction (or as long as any return/exchange period) and then automatically purge it from your database. While the customer information is in the database, make sure it’s properly encrypted and secured. Only those with a need to see the data should have access to it.
Without secure sockets layer protocol (SSL), traffic between your site and your customer’s computer is sent in clear-text, which is easily readable by thieves. Information such as credit card numbers, card verification codes, expiration dates, addresses, and names can be intercepted by a thief. This information is especially easily to grab in places with free wireless access, such as coffee shops and airports. Using SSL for all transactions on your site will encrypt information so it appears to be gibberish to potential thieves.
SQL Injection Attacks
By trying to add or change the URLs that are used on various pages of your ecommerce site, a malicious user will try to pull credit card information (or other personal information) out of a website’s backend database. To protect against this type of attack, work closely with your software vendor to obtain security updates. For custom-built applications, free tools such as Wikto or SQLMap can aid with detecting if your database application is vulnerable. Generally, all SQL statements in code should be “escaped out” or written in such a way to ignore unexpected input. Hiding variables used to access the database and using mod-rewrite for your URLs are good practices as well.
Just like any other type of software, ecommerce software is subject to programmer errors. These errors could allow a thief to get access to credit card numbers by entering bad information into forms, for example. Staying current with security updates from your software vendor is key. For custom software, free tools also exist to detect vulnerabilities. These tools include Wikto and Nessus, and they can help identify a host of application vulnerabilities.
A phishing email looks like a real email from your company instructing people to click on a link to update their personal information. The link actually goes to a fake version where a thief can collect credit card numbers and other information. Many of these emails look so real that even experienced Internet users will be fooled by them. This is a difficult problem to solve entirely, but make sure your customers know that you will never solicit their information via email. For additional security, Extended Validation SSL certificates allow customers to confirm that the site they are visiting is actually yours by showing an extra validation in the address bar of their browser.
Poor Server Security
Servers that are not updated and monitored regularly can be open to security breaches. Thieves run automated worldwide scans across the entire Internet looking for servers that can be breached. Make sure your hosting vendor has proper administrative policies and service level agreements to ensure the security of your server. If you’re hosting your own system, make sure whoever is in charge of the server is paying attention to security alerts and releases for the operating system and any applications.
Backups are imperative for restoring websites from crashes, but it is often forgotten that any data that is stored in your live website is also on your backups. Sometimes backups also reside on the same server as your live site. If a thief gains access to your server, they may steal credit card numbers from your backup instead of your live site (it is usually less obvious). Protect backups of customer data through encryption and storage on a separate secured system.
Being aware of potential security issues is your best defense. If you don’t have time for monitoring, consider having a security consultant check your site occasionally.