With the General Data Protection Regulation (GDPR) now in full force, losing customer data can have serious consequences for businesses – especially for SMEs, which may not survive a hefty fine. Payment data, actively targeted by malicious entities online, is particularly at risk. A new generation of specialist fintech products for business may hold the answer.
How do I prevent the loss of customer data? Am I personally liable? How much will I be fined?
The questions around GDPR regulations, and what to do if you lose customer data, are endless. And as payments move online, the financial risk of falling foul of phishing, scams or hacks is higher than ever. However, new fintech solutions specially designed to protect business’ interests, as well as customers’ data, are starting to enter the market.
These are solutions built to fit the niches of specific industries. For instance, PayNode, the world’s first end-to-end payment platform for private jet charter, facilitates the entire transaction, from customer, to sales broker, to flight operator. It also introduced the most risk-free payment experience in the industry when it launched in 2017, taking on card fraud, personal fraud and data security in one fell swoop.
The ‘old way’
Amazingly, though, there are still businesses doing it the old-fashioned way – not just relying on cash, but also on remote card payments. Niche industries, such as private jet charter, have been using these methods for years, and little has changed until recently.
To charter a private jet, traditionally a merchant will first request a fax or scanned copy of a customer’s payment card, which is held as hard copy in a lever-arch file. The merchant then takes the payment without the customer being present, entering their card details into a point-of-sale terminal.
When PayNode launched, almost 80% of transactions were made this way. And when the average transaction value is $35,000, as it is in private air charter, such processes are undoubtedly at high risk of customer payments fraud and data breaches.
Digital payment risk
Yet for those who have entered the modern age for payments, data security is still a major concern. Mobile payments, wire bank transfers and cardless systems such as ApplePay are increasingly the making of cashless, even cardless, societies. Financial trade body UK Finance reported that card payments overtook cash for the first time last year, and nearly 3.5 million rarely use cash at all.
But a survey by Osborne Clarke in April 2018 revealed that eight in ten European consumers say they are concerned about fraud should mobile payments completely replace cash – a 12% increase from 2017. 80% of consumers are also concerned over wider security breaches, and with good reason. For many corporations, legacy security systems hinder their ability to respond to cyberattacks in real-time.
This has led to well-documented data hacks at big name companies, including:
- Target Stores (2013): credit/debit card data of up to 110 million exposed
- Home Depot (2014): credit/debit card data of 56 million exposed
- Uber (2016): contact information of 57 million users and 600,000 drivers exposed
- Equifax (2017): 143 million consumers breached; 209,000 credit card data exposed
As cybersecurity develops, malicious entities simply become more sophisticated to match, meaning the era of data breaches is unlikely to end anytime soon. Plus, with some companies failing to be transparent about data breaches, it is little wonder consumer, stakeholder and business confidence is low.
So what’s to be done? For businesses concerned with losing customer data, specialist fintech products are the answer.
Established B2B platforms such as PayNode are supported by bank-level security measures adapted for digital platforms. These include industry-standard Secure Sockets Layer (SSL) encryption certificates, which ensure all data passed between the web server and browsers remains private and integral.
This gives small fintech companies the capacity for lean project development, pushing ahead with disruptive technologies such as blockchain and machine learning to produce more effective systems without compromising on security.
Blockchain, through the use of encrypted distributed ledgers, has the potential to provide secure real-time verification of transactions, and is already the focus of substantial investment from major institutions including MasterCard. In addition, machine learning is now put to use detecting unusual patterns of behaviour, alerting cybersecurity teams before a major breach takes place.
These fintech products are created specifically for the industries in which they operate, and are often experts in their field. As a result, businesses can rely on them for advice on payment logistics unique to their industry. For instance, in private jet charter, many transactions take large sums of money cross-border, which can be problematic following traditional payment routes.
Relying on legacy systems, and the ‘old way’ of processing payments, is simply no longer an option given the serious implications data breaches can have for businesses. But solving the headache of lost customer data is simple, when you rely on experts to do the job for you. Businesses should protect against vulnerabilities and trust in the data security capabilities of innovative, yet reliable, fintech solutions.