nCipher Security Blog

Turn Cyber Monday into Safe Payment Monday

Peter Galvin | Chief Strategy Officer More About This Author >

The National Retail Federation (NRF) reports that more people plan to shop on Cyber Monday than ever before. In its annual Preliminary Thanksgiving Weekend Survey, the NRF asked consumers specifically about their Cyber Monday shopping plans; almost 80 percent—an estimated 184 million unique shoppers—said they will or may shop that day. Predictive analytics firm Custora reports that last year, 26 percent of e-commerce sales came from mobile devices between Thanksgiving and Cyber Monday. The expectations for this holiday season are even greater.

As always, cyber criminals will also be out in force. For instance, ZeroFox found that 64 percent of retailers experience phishing attempts on Cyber Monday. With more and more consumers planning on leveraging mobile devices and mobile payments to get their holiday shopping done this year, small merchants and mobile businesses need to take a moment to consider how they can keep their customers' payment data safe.

Going into Cyber Monday, what can retailers do to ensure greater data security? Here are three best practices:

  1. Ensure personally identifiable information (PII) is not identifiable. By encrypting the data in all 3 phases, at rest, in transit and in use and never in the clear. This way, if your data is breached, it will be worthless to whoever steals it.
  2. Tokenization is also vitally important because it removes all card data from the merchant environment. To do this, merchants must implement a security- or storage-based tokenization solution, which protects the merchant’s environment by replacing sensitive cardholder data with non-decryptable information that is meaningless to hackers.
  3. It is critical to use hardware-based encryption and proper key management. Retailers must have the highest level of assurance so that critical data won’t be stolen. The use of hardware security modules (HSMs) enables them to defend against external data extraction threats and to protect against malicious insiders who could compromise critical information.

With these technology best practices in place, you and your customers can feel more confident about the biggest online shopping day of the year.