Credit Cards and Cyber Attacks

alt The holiday season is in full swing, and consumers seem to have their credit cards attached to their fingertips, ready to swipe at will. It's a double-edged sword for businesses; on the one hand most places can't get away with cash-only policies, and customers could be more likely to spend more on plastic, but on the other hand you open yourself up to credit card fraud and all the headaches and costs that come with it. So, how can a restaurant protect itself against credit card fraud?

EMV Movement

First, the numbers. By now you know that EMV (basically chip-embedded credit cards for those who missed the past year of panic in the world of plastic payments) is taking over, and chances are you've already started to either take steps to deal with the transition, or started freaking out about the fact that you haven't taken any steps yet. Here's where the U.S. stands now:

This Restaurant Business conducted some research on credit card scammers and found the following data.

  • Fewer than half of restaurants and stores are equipped to accept "harder-to-counterfeit" EMV credit cards
  • 69% of restaurants and retail establishments are at least aware of the increased liability they face by not accepting the new chip-embedded cards
  • 75% of shoppers are carrying EMV cards

alt A Shield for Cyberattacks

So, now that you know you're not alone in dragging your feet on EMV, what can you do to protect yourself against fraud?

Restaurant Business Online recently did a great piece about Cyber Attacks, where they interviewed Tom Reagan, cyberpractice leader at insurance brokerage Marsh, to gain some insight into the world of minimizing liability risk. Here are some main takeaways from Tom:

  • A restaurant with about 20 units, revenue of $10 million and an insurance limit of $1 million to $5 million would pay between $5,000 and $50,000 for a policy, depending on a number of factors.

  • Those factors include

    • The version of your POS system
    • The utilization of end to end encryption
    • What is your on-going testing of your security and what protocols are in place

The obvious takeaway here is that you should make sure you're using a POS system with robust anti-fraud technology, and up-to-date end-to-end encryption for all transactions. And while you're at it, train and check up on your staff to make sure they're taking care of the obvious stuff, like not letting cards lie around in the open when they're managing tabs.

Plus, Regan says when you're going in to buy these kinds of insurance policies, be prepared to spell out all of the above and tell the insurance salesperson exactly what you are doing to stop fraud before it happens. A good story can go a long way in lowering your rates...

It's a dangerous cyber-world out there. Protect yourself as best you can, and... Good luck!