
October marks Cyber Security Awareness Month, a collaboration between the National Cyber Security Alliance and the Department of Homeland Security’s National Cyber Security Division.
Technology is constantly evolving at an exponential rate. Cyber security awareness and good cyber hygiene is crucial for businesses and individuals. Did you know that cyber-attacks now occur every 39 seconds, 95% of which are caused by human error.
We’re taking advantage of Cyber Awareness month to put together some helpful information on how you and your business can stay safe online. Cyber attacks can happen to anyone, and the techniques are becoming more and more sophisticated.
Cyber hygiene is a term for several procedures that businesses, organisations and individuals can follow and practice to ensure a safe and secure digital environment. If you practice these procedures on a daily basis, you can significantly reduce errors that can lead to cyber attacks and security issues.
As a business that deals with finance, digital payments and payment gateways/platforms we take our cyber security and customer data very seriously.
If you are a sole trader or a small business, you can find out how secure your cyber hygiene is by taking this questionnaire – https://www.ncsc.gov.uk/cyberaware/actionplan/soletraders-and-small-business
Best practice for individuals: As an individual you can follow these top tips to stay safe from fraud and phishing scams:
Security and Fraud Protection
Our payment network is PCI DSS Level 1 registered as an approved service provider by Visa and Mastercard. Our cloud environment is protected by DDoS mitigation tools. Within the gateway, built-in security settings include AVS, CV2 checks, 3D Secure, velocity check rules and additional pre-integrated third-party fraud solutions.
Security Checks and 3-D Secure
We offer Card Security Code (also known as CV2, CVV, CSC) checks, as well as Address Verification System checks (AVS) to strengthen the transaction when the cardholder is using a card that they have the right to use. We also recommend the use of 3-D Secure (Verified by Visa (VBV) and MasterCard SecureCode MSC), again to strengthen the transaction’s security. we can offer 3-D Secure with every E-Commerce Merchant Account using the Payment Gateway.
3-D Secure (3 Domain Server Secure) allows the cardholder to create a unique password for their relevant debit or credit card. This works very much like the PIN would with a PDQ machine in order to authenticate a payment, as only the cardholder should know that password.
In addition, 3-D Secure also assists the Merchant’s liability cover for each transaction authenticated by the process.
Fraud Prevention
Fraud is the UK’s greatest threat to payment security, often being used to finance further crime. It can also have a damaging effect on your business. Fraud prevention solutions help in preventing card transaction fraud from ever taking place.
Our in-house Velocity Checking and various country and card blocking technologies allow you to have complete control over the traffic through your Gateway. You can focus on growing your business: we take care of security. Velocity Checking is a comprehensive fraud monitoring and prevention system is built into the Payment Gateway and managed within the Merchant Management System. It is used to protect Merchants and minimise fraud by enabling them to set transaction frequency limits and card usage within a specific timeframe.
DDoS
A DDoS (Distributed Denial of Service) attack is an attempt to make an online service unavailable by flooding the bandwidth of a web server with huge amounts of traffic. DDoS attacks are becoming more prevalent in the news, with many high-profile websites disrupted by these attacks. We us a cloud-based DDoS mitigation solution provider that provides with an enterprise level global solution, offering 365, 24/7 protection against the largest DDoS attacks.
This provides you with absolute peace of mind that, no matter the security issue, your payment flow is unaffected.
Recurring Payments with Tokenisation
With every transaction that passes successfully through our Payment Gateway, the system raises a Cross Reference (sometimes known as a Token). These Cross References can be used in lieu of card details for the purpose of repeat or recurring payments, as well as refunds based upon an existing payment.
The Cross Reference will allow transactions to be processed for the same or more or less than the original amount, giving you full flexibility to run subscription, membership or any kind of recurring payments business.
Some businesses use this service as a PCI DSS compliant Card Storage facility, too. This is entirely possible and can be used by processing a full transaction or pre-auth. If you require any further information, please contact us.
Real Time Account Updater Service
This service is also known as the Real Time Updater Service, Visa Account Updater (VAU) or MasterCard Automatic Billing (ABU) Updater.
The Account Updater allows the Merchant to receive updated cardholder data from participating Acquirers, Merchants and Card Issuers. As expiring cards are renewed or lost cards replaced, the updated data allows for a seamless recurring or automated card billing process to take place, reducing the risk of service cancellation.
Merchants receive refreshed cardholder data without making outbound calls – producing an uninterrupted customer payment experience; increasing authorisation approval rates; and improving revenue retention.
Secure Virtual Terminal
Our Virtual Terminal has been designed for Merchants to use with ease when taking secure telephone payments. The secure environment allows a user to process credit and debit card payments, as well as refund transactions, all in real time.
MMS users are able to operate the system under different permissions. This is an ideal solution for call centres, business owners and larger organisations who wish to restrict the ability to view transaction information or process refunds. The Virtual Terminal is a web-based portal and can be easily accessed through a desktop, tablet or mobile device.
Summary
Cyber security protocols are essential to keep yourself, your business and your customer safe from cyber-attacks, fraud and scams. There are a number of ways to stay vigilant and many sophisticated methods to ensure you are always working in a cyber-safe environment. Make sure to keep updated on new methods that strengthen your security and always be cautious about suspicious behaviour and activity.
Sign up to our newsletter to keep up to date with our news and updates.
Our Tech Support Team are available to help you with your day to day troubleshooting. Our on-call hours are as follows:
Monday – Saturday: 8am – 11pm Sunday & Bank Holidays: 10am – 4pm (See our Christmas Opening Times for more info)
Yorkshire Payments
22 Bethel Street
Brighouse
West Yorkshire
HD6 1JN
© Copyright 2025 Direct Card Solutions Limited T/A Yorkshire Payments Company Number: 08484768 Registered Office: Direct Card Solutions Limited T/A Yorkshire Payments, 22 Bethel Street, Brighouse, HD6 1JN. Yorkshire Payments is Authorised and Regulated by the Financial Conduct Authority. FCA Number: 834172. Direct Card Solutions Limited T/A Yorkshire Payments is Regulated by The Information Commissioner’s Office. ICO Number: ZA000511
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checkbox-advertisement | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category . |
cookielawinfo-checkbox-analytics | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Analytics" category . |
cookielawinfo-checkbox-functional | 1 year | The cookie is set by the GDPR Cookie Consent plugin to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checkbox-necessary | 1 Year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Necessary" category . |
cookielawinfo-checkbox-non-necessary | 1 Year | Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Non-necessary" category . |
cookielawinfo-checkbox-others | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Others". |
cookielawinfo-checkbox-performance | 1 year | Set by the GDPR Cookie Consent plugin, this cookie is used to store the user consent for cookies in the category "Performance". |
CookieLawInfoConsent | 1 year | Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie. |
elementor | Never | This cookie is used by the website's WordPress theme. It allows the website owner to implement or change the website's content in real-time. |
viewed_cookie_policy | 1 year | The cookie is set by the GDPR Cookie Consent plugin to store whether or not the user has consented to the use of cookies. It does not store any personal data. |
Cookie | Duration | Description |
---|---|---|
NID | 6 months | NID cookie, set by Google, is used for advertising purposes; to limit the number of times the user sees an ad, to mute unwanted ads, and to measure the effectiveness of ads. |
VISITOR_INFO1_LIVE | 5 months 27 days | A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface. |
YSC | session | YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages. |
yt-remote-connected-devices | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt-remote-device-id | never | YouTube sets this cookie to store the video preferences of the user using embedded YouTube video. |
yt.innertube::nextId | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
yt.innertube::requests | never | This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen. |
Cookie | Duration | Description |
---|---|---|
COMPASS | 1 hour | No description |
Cookie | Duration | Description |
---|---|---|
__cf_bm | 30 minutes | This cookie, set by Cloudflare, is used to support Cloudflare Bot Management. |
__lc_cid | 2 Years | This is an essential cookie for the website live chat box to function properly. |
__lc_cst | 2 Years | This cookie is used for the website live chat box to function properly. |
__oauth_redirect_detector | Past | This cookie is used to recognize the visitors using live chat at different times in order to optimize the chat-box functionality. |
S | 1 hour | Used by Yahoo to provide ads, content or analytics. |
Cookie | Duration | Description |
---|---|---|
_ga | 2 Years | The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors. |
_gat_gtag_UA_220506577_1 | 1 minute | Set by Google to distinguish users. |
_gid | 1 day | Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously. |
CONSENT | 2 years | YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data. |
vuid | 2 years | Vimeo installs this cookie to collect tracking information by setting a unique ID to embed videos to the website. |