Why do bank robbers rob banks? Because it's is where the MONEY is. What if, however, there was NO money in banks, but only worthless tokens (or even no money) that only worked when authenticated in some way.
Theft, at least of hard currency, would be way down, making street criminals' jobs much harder.
One of the glaring security holes that businesses who accept credit cards have is that they often store not only the customer information, but also the credit card information on their own computer systems.
The reason thieves attack these computer systems (both big and small businesses) is to steal the credit card information and buy goods with YOUR MONEY.
I recently spoke with executives from ProPay who explained to me that the way businesses can be most secure is to NOT store any payment information.
A concept that ProPay recently introduced is "End to end security".
To some of you, this might be quite familiar and sound like what you hear from a security vendor.
However for businesses that accept credit cards a TRUE end to end (or E2E) security strategy is protecting computers, networks and servers from hackers, malware and the like. BUT this is only HALF of the end to end security strategy, for retailers.
The other half is ensuring that your retail operation is secure. Ensuring your customers' financial information is safe, is a big part of this. Using ProPay's solution, THEY store all the payment information and are responsible for its security.
When customers buy from your web site, the credit card information goes directly to ProPay. There is nothing, on your computers, for hackers to steal.
At times you might be remote (maybe at a show or something) and need to capture credit card information.
ProPay has a hardware solution that helps you capture the information and encrypt the information. Again, you do not have to store the information on your own computers and stress over if they are secure enough.
There are two parts to this story.
ONE - you need to ensure the security of your customers data and the best way to do this is to NOT have any of their data.
SECOND - you want to keep the core parts of your business inside (such as sales, support) but everything else consider outsourcing to those who can do it better and cheaper than you can.
Ramon Ray is the editor and tech evangelist for Smallbiztechnology.com