Compare over 20 of the best card processors

It takes just 30 seconds...

An SME's Guide To Online Payment Security: What, How, Why, and Tips

Stephen Hart

Stephen Hart

Founder - Cardswitcher

Former - Chief Financial Officer @ Worldpay

As a modern business owner, payment security is vital. Taking payments online is one of the best ways to expand your market and increase sales.

More people than ever are shopping from the comfort of their home, and over 2 billion people bought goods online in 2020.

But accepting digital transactions comes with its risks. If customers are concerned over the security of their transaction, they may fail to go through with the payment at all.

Fortunately, ensuring your payment options are safe benefits both you and the customer. In this article we cover how you can provide secure online payments, how to prevent fraud, and what you need to know about chargebacks.

keyboard with card and key

How to provide secure online payments

Providing secure online payments might feel like a hassle, but will almost always save you time, money and hassle in the long run.

The majority of customers now prefer to pay by card or e-wallet, so how can you ensure payments are secure?

1. Two factor authentication

Two factor authentication is essential when you’re taking payments online or through social media accounts. Any colleagues with log-in access to your merchant account, site, or social media may be able to access your payment transactions too.

With two-factor authentication, you’ll immediately be notified if your account has been accessed from an unknown device or location.

2. SSL protocol

Whether you want to take Google Pay, Apple Pay or various different payment options, an SSL (secure sockets layer), helps keep transactions secure. SLL basically encrypts any details entered onto your site, covering card details and personal information required to complete a transaction.

Though it’s not required for direct debit services, the padlock item at the URL reassures customers that their transaction is protected. Whilst some SMEs forgo SSL certificates believing their transactions are too limited to be a target, this more often makes them a frequent target.

3. PCI compliance

PCI compliance is incredibly important when it comes to taking card payments, as all merchants accepting payment must comply with the Payment Card Industry standards.

This basically means that you need to ensure your payment gateway and virtual terminal are secure. There are different standards required depending on your business size and transaction volume, so it’s important to check you’re taking the right steps for your business.

4. Store sensitive information externally

Having an influx of buyers is great, but when it means suddenly storing all of their card information, it can feel like a huge security risk.

Making use of a third-party that stores customer payment information independently removes the pressure from business owners, as you no longer hold responsibility.

5. Use a verification system

More commonly used for high priced goods, a personal verification system is one of the best ways to keep transactions secure for businesses.

Prior to completing the transactions, customers will have to verify their identity through an official ID, driving license, or passport.

6. Use a payment processor

If the pressure of security is overwhelming for your new or small business, you can also use a third party payment processor. As the customer’s transaction goes directly through the provider’s site, you don’t deal with any private information, and it won’t be stored.

This can also help build trust with consumers, as buying through a known provider like PayPal or AmazonPay reassures them that the transaction is safe.

7. 3D secure

3D secure is an additional form of verification, and typically takes the customer to an authentication site associated with their bank. They will have a token sent to their mobile or email, and this is then entered to the authentication site.

online card payment

How to enhance security and prevent fraud

Preventing fraud as a small or large business can feel daunting. Fraudulent payments are costly for businesses, and when frequent, can damage your reputation.

Card not present transactions are becoming increasingly popular, yet are the most at risk for fraud. So how do you prevent it?

Some of the best methods for reducing fraud are to ensure you are PCI compliant, and be vigilant for any emerging patterns. Individuals committing fraud - whether falsely requesting refunds or using incorrect details - typically develop recognised systems. Being aware of these patterns, and monitoring your orders can help pick up on anything out of the ordinary.

If you’re worried about fraud, follow our top tips to enhance your business security:

1. Have clear refund and return policies

If you’re confident that someone is trying to scam a refund, it can be extra tricky if your refund policies are unclear. Not offering a refund when you believe it to be a fraudulent claim can result in poor reviews if you don’t have the details to back up why you’re refusing it.

2. Keep up to date with current fraud trends

The basics typically remain the same, but fraudsters constantly find alternative ways of hurting your business. Being aware of any current trends can help keep you on the lookout.

3. Provide email confirmation

Keeping your customer updated throughout the order process not only reassures them, but keeps track of where your orders are and when. If something goes “missing”, you can identify exactly where it’s gone wrong.

4. Have clear, accurate product descriptions

If you’re running a small business, it can be tempting to alter your images and descriptions to enhance your products. Unfortunately, taking this too far can result in your customer requesting a refund or filing a chargeback. It’s best to be as accurate as possible so your customers get exactly what they see.

5. Have correct billing descriptors

The billing descriptor is how your transaction is described on a customer’s statement. When customers regularly use online payment systems, they might expect unusual names or descriptions to appear. However if your customer is unable to correctly identify the transaction, it’s likely they’ll file a chargeback or dispute.

online card payment with security


Whether you’re a new or established business, online payment security is crucial to your business growth and reputation.

Offering reliable and secure ways to pay will attract new customers, and ensure the best experience to gain repeated ones.

For more payment security advice, see our post on biometric payments.

Concerned about the additional costs of measures to prevent fraud? Let CardSwitcher save you money elsewhere! Whatever stage your business is at, CardSwitcher’s price comparison site for card processing can help you save up to 40% on your debit and credit card processing!

Compare over 20 of the best card processors

It takes just 30 seconds...

Written by:
Stephen Hart

Stephen Hart

Founder - Cardswitcher

Former - Chief Financial Officer @ Worldpay

Stephen brings a wealth of experience honed through years in the financial sector, particularly in the card processing payments industry. His illustrious career spans key roles at PwC, Natwest, and the role of CFO at WorldPay, before going on to found card processing comparison site, CardSwitcher. He is passionate about helping growing businesses to understand the card processing landscape so they can make savvy financial decisions.