What is Cyber Hygiene? – Cybersecurity Awareness Month

As its Cyber Awareness month we've taken the opportunity to put together some information on how you and your business can stay safe online.

What is Cyber Hygiene?

October marks Cyber Security Awareness Month, a collaboration between the National Cyber Security Alliance and the Department of Homeland Security’s National Cyber Security Division.

Technology is constantly evolving at an exponential rate. Cyber security awareness and good cyber hygiene is crucial for businesses and individuals. Did you know that cyber-attacks now occur every 39 seconds, 95% of which are caused by human error.

We’re taking advantage of Cyber Awareness month to put together some helpful information on how you and your business can stay safe online. Cyber attacks can happen to anyone, and the techniques are becoming more and more sophisticated.

Cyber hygiene is a term for several procedures that businesses, organisations and individuals can follow and practice to ensure a safe and secure digital environment. If you practice these procedures on a daily basis, you can significantly reduce errors that can lead to cyber attacks and security issues.

As a business that deals with finance, digital payments and payment gateways/platforms we take our cyber security and customer data very seriously.

Here are some ways to keep safe in the digital world:

  • Stay educated on cyber security and cyber threats. Sign up to emails that provide alerts about new scams and methods to stay safe online.
  • Keep your software up to date on your phone, computer and any other devices you may have as well as websites. Updated software will include security fixes and patches that keep you more secure. Keeping software up-to-date is critical in preventing exploitation of known vulnerabilities.
  • Use strong passwords and enable two-factor authentication. 
  • Back up your data regularly. This will allow you to revert back to a safer system or allow you to access your data in the case of a cyber event.
  • Stay up to date on cybersecurity news, blogs, and resources. 
  • Encourage friends and family to improve their cybersecurity. 

If you are a sole trader or a small business, you can find out how secure your cyber hygiene is by taking this questionnaire – https://www.ncsc.gov.uk/cyberaware/actionplan/soletraders-and-small-business

Best practice for individuals: As an individual you can follow these top tips to stay safe from fraud and phishing scams:

  • Don’t give any personal information to strangers, someone you’ve never met in real life or anyone you’ve not spoken to for a while, especially online.
  • Be suspicious and cautious of unexpected requests for your personal or banking information. Your bank will never ask for your passwords or expect you to reveal additional personal/private information for example.
  • If a deal, competition or offer seems too good to be true it probably is. Avoid signing up to any offers or deals that ask for your personal details or ask you to click on links.
  • Avoid making quick decisions and be on guard for anyone forcing you to make a decision under pressure or quickly
  • Don’t overshare, whether it’s personal information or financial information. Never give out any bank card information, passwords or memorable data.
  • Make sure your passwords are at least 8-16 characters long that include random letters, numbers and characters. Try not to use pet names, addresses or birthdays for passwords. And always set up 2FA (Two factor authentication) if possible.

See our security protocols that keep our payments services and gateways safe and secure as part of our cyber hygiene:

Security and Fraud Protection

Our payment network is PCI DSS Level 1 registered as an approved service provider by Visa and Mastercard. Our cloud environment is protected by DDoS mitigation tools. Within the gateway, built-in security settings include AVS, CV2 checks, 3D Secure, velocity check rules and additional pre-integrated third-party fraud solutions.

Security Checks and 3-D Secure

We offer Card Security Code (also known as CV2, CVV, CSC) checks, as well as Address Verification System checks (AVS) to strengthen the transaction when the cardholder is using a card that they have the right to use. We also recommend the use of 3-D Secure (Verified by Visa (VBV) and MasterCard SecureCode MSC), again to strengthen the transaction’s security. we can offer 3-D Secure with every E-Commerce Merchant Account using the Payment Gateway.

3-D Secure (3 Domain Server Secure) allows the cardholder to create a unique password for their relevant debit or credit card. This works very much like the PIN would with a PDQ machine in order to authenticate a payment, as only the cardholder should know that password.

In addition, 3-D Secure also assists the Merchant’s liability cover for each transaction authenticated by the process.

Fraud Prevention

Fraud is the UK’s greatest threat to payment security, often being used to finance further crime. It can also have a damaging effect on your business. Fraud prevention solutions help in preventing card transaction fraud from ever taking place.

Our in-house Velocity Checking and various country and card blocking technologies allow you to have complete control over the traffic through your Gateway. You can focus on growing your business: we take care of security.  Velocity Checking is a comprehensive fraud monitoring and prevention system is built into the Payment Gateway and managed within the Merchant Management System. It is used to protect Merchants and minimise fraud by enabling them to set transaction frequency limits and card usage within a specific timeframe.

DDoS

A DDoS (Distributed Denial of Service) attack is an attempt to make an online service unavailable by flooding the bandwidth of a web server with huge amounts of traffic. DDoS attacks are becoming more prevalent in the news, with many high-profile websites disrupted by these attacks. We us a cloud-based DDoS mitigation solution provider that provides with an enterprise level global solution, offering 365, 24/7 protection against the largest DDoS attacks.

This provides you with absolute peace of mind that, no matter the security issue, your payment flow is unaffected.

Recurring Payments with Tokenisation

With every transaction that passes successfully through our Payment Gateway, the system raises a Cross Reference (sometimes known as a Token). These Cross References can be used in lieu of card details for the purpose of repeat or recurring payments, as well as refunds based upon an existing payment.

The Cross Reference will allow transactions to be processed for the same or more or less than the original amount, giving you full flexibility to run subscription, membership or any kind of recurring payments business.

Some businesses use this service as a PCI DSS compliant Card Storage facility, too. This is entirely possible and can be used by processing a full transaction or pre-auth. If you require any further information, please contact us.

Real Time Account Updater Service

This service is also known as the Real Time Updater Service, Visa Account Updater (VAU) or MasterCard Automatic Billing (ABU) Updater.

The Account Updater allows the Merchant to receive updated cardholder data from participating Acquirers, Merchants and Card Issuers. As expiring cards are renewed or lost cards replaced, the updated data allows for a seamless recurring or automated card billing process to take place, reducing the risk of service cancellation.

Merchants receive refreshed cardholder data without making outbound calls – producing an uninterrupted customer payment experience; increasing authorisation approval rates; and improving revenue retention.

Secure Virtual Terminal

Our Virtual Terminal has been designed for Merchants to use with ease when taking secure telephone payments. The secure environment allows a user to process credit and debit card payments, as well as refund transactions, all in real time.

MMS users are able to operate the system under different permissions. This is an ideal solution for call centres, business owners and larger organisations who wish to restrict the ability to view transaction information or process refunds. The Virtual Terminal is a web-based portal and can be easily accessed through a desktop, tablet or mobile device.

Summary

Cyber security protocols are essential to keep yourself, your business and your customer safe from cyber-attacks, fraud and scams. There are a number of ways to stay vigilant and many sophisticated methods to ensure you are always working in a cyber-safe environment. Make sure to keep updated on new methods that strengthen your security and always be cautious about suspicious behaviour and activity.

Share This Article

Stay Connected

More Posts

Stay In The Loop

Sign up to our newsletter to keep up to date with our news and updates.

Outage warning

We have been advised of an outage affecting all customers using Verifone termianls

This is currently under investigation .

We will update as more information becomes available.

Please retry using your service every 30 minutes. 

– Yorkshire Payments Support Team.