total jobs On RetailCrossing


new jobs this week On RetailCrossing


total jobs on EmploymentCrossing network available to our members


job type count

On RetailCrossing

Beat the Breach: Four Tips for Retail Managers to Stop Credit Card Fraud

What do you think about this article? Rate it using the stars above and let us know what you think in the comments below.
We've all seen the credit card commercials with endless lines of consumers mechanically picking out goods, swiping their credit cards, and heading on their way. Everything is cruising along: scan, swipe, receipt...scan, swipe, receipt. But then the shopping assembly line comes to a grinding halt when one shopper whips out a checkbook instead of a card. The message: using credit or debit cards when purchasing is faster, easier, and more convenient for everyone.

With that demand for convenience come numerous concerns and risks for today’s retailer. In fact, not one year ago, TJX, the parent company of discount retailers TJ Maxx and Marshalls, disclosed that over 45 million customer credit and debit card numbers had been stolen from the company’s databases by cyberthieves. Read that number again: 45 million. That’s more than five times New York City’s total population. Today, the company is still struggling with security updates, legal fees, governmental processes, audits, customer relations, and the seemingly irremovable blemish on its reputation as a respected retailer — not to mention the hundreds of millions of dollars lost in legal fees, lost sales, and fines.

While a case of the sheer magnitude of the TJX case had never been seen before, breaches are nothing new. DSW Shoes, Polo Ralph Lauren, and BJ’s Wholesale have all had the misfortune of falling victim to data breaches, exposing millions of card numbers over the last couple of years. Retail companies have faced increasing struggles with protecting credit card data as the use of plastic has continued to increase.

Since security responsibilities tend to fall from the high-level executives down at a retail company, managers at retail outlets — big and small — must make customer credit card data security an absolute priority. If it isn’t, you could be setting yourself up for disaster. Managers must be vigilant when it comes to sniffing out potential security threats. They are on the front lines and have to be on the lookout for fraud, scams, and breaches at all times.

The tips below are designed to help retail managers keep an eye on possible weak spots thieves can exploit.

1. Don’t Write It Down.

Believe it or not, a number of retailers are still physically writing down customer credit card information. Whether it’s happening on telephone orders or in stores, cashiers and salespeople throughout the retail industry are still putting pen to paper in order to get payment information. While on the surface this may seem harmless, writing card numbers on paper creates an additional opportunity for fraud to occur by creating an unnecessary copy of the card that ends up on a floor or in the garbage. The practice of “dumpster diving” by would-be thieves is very real and very effective.

Retail managers must institute a “no-write-down” policy for their employees. At no point should an employee ever write down a customer’s credit card information, regardless of the reason — it’s simply not worth the risk. For larger outlets this commandment is relatively easy to follow as they have the ways and means to employ sophisticated payment technology solutions that can eliminate the need to write down sensitive information. Adjusting to the “no-write-down” policy will take some initial financial commitment for smaller retailers as they make payment technology upgrades, but they need to know that doing so will save their companies’ wallets and reputations in the long run.

2. Keep an Eye on Your Credit Card Processing Equipment.

Retail managers also need to keep an eye on payment hardware as data thieves are attaching or installing covert devices to self-swiping stations. In fact, not too long ago, convenience store chain Stop & Shop fell victim to a data breach. Criminals had broken into checkout-line card readers and planted “bugs” designed to steal customers’ credit card information. In the end, Stop & Shop was unable to tell just how many identities they lost.

Retail managers should train their staff to monitor payment equipment — especially pieces that customers use on their own such as card readers or self-checkout scanners. Doing so will help the company avoid yet another danger of credit card theft.

3. Use Card Number-Free Receipts.

Another data security no-no is printing out the actual credit card number on the transaction receipt. The payment card industry (folks like American Express, Visa, MasterCard, and Discover) set out data security standards specifically stating that printing complete credit card information out on a receipt is strictly forbidden; however, a number of retailers do it anyway.

For whatever reason, there are scores of companies that, for each transaction, print out a receipt that has the customer’s credit card information included. While this may seem like a harmless, after-the-fact action, the reality is that many of those receipts end up in the trash or get misplaced. Remember “dumpster diving”? Receipts are an even better find as they are proof that a card recently worked. In some cases, they even contain the customer’s name, making it that much easier to use the number in a fraudulent fashion.

As a retail manager, if you see that your system is printing receipts with customer credit card information included, take the initiative to demand that your company implement a payment technology upgrade. Although this is one of the easiest ways thieves can get their hands on credit card data, it is also one of the easiest to avoid.

4. Understand Your Payment System.

Beyond the physical opportunities for credit card data theft, the largest danger lies in the payment process itself. For retailer managers and their employees, this is the virtual world where electronic data flows to and from a number of touchpoints in order to be approved or declined for the sale. At the end of the sale process, the details of this electronic data are stored on computers by companies, allowing for future access to the data. By default, having this large quantity of credit card numbers in one single location begs for hackers to target these systems, looking to score large quantities of data at one time.

While the data is certainly at risk as it is being passed among the stores, the banks, and the card companies, the storage of this data at the end of the process is by far the riskiest. Picture a warehouse with mountains of files containing credit card data — each one with a name, account information, an address…an exact copy of a customer’s credit card. This is where data thieves can access bulk quantities of credit card information.

As a manager, take some time to understand your company’s payment system and be familiar with the latest trends in credit card data security. Learn how and why your company may be storing this highly sensitive data. You may want to talk to senior management about upgrading your systems and possibly even partnering with a new credit card processor that offers the latest technologies in data security. Nobody wants to be the next headline as the latest company to lose credit card data and, ultimately, the trust of their customers.

Make It Safe, Make It Happen

When it comes to securing customer credit card data, retail managers have a tremendous opportunity to make sure their company is following proper security protocols such as monitoring card equipment or outsourcing all card processing. Not doing so could cost your company millions in lost business and damaged reputation. You are on the front lines. Take the time each day to follow these tips, and become the voice of data security for your company. The boss will thank you.

About the Author

Jason Gwynn is the vice president of sales at Electronic Payment Exchange (, a leading provider of payment processing solutions headquartered in Wilmington, DE. EPX is the developer of BuyerWall, the first and only cardholder data protection system that eliminates merchant liability while allowing complete control of the customer experience. For more information on credit card data security, news, and solutions, visit or call 302-264-3110.
If this article has helped you in some way, will you say thanks by sharing it through a share, like, a link, or an email to someone you think would appreciate the reference.

Popular tags:

 consumers  credit cards  managers  procedures  priority  New York City  populations  customers  hundreds  victims

By using Employment Crossing, I was able to find a job that I was qualified for and a place that I wanted to work at.
Madison Currin - Greenville, NC
  • All we do is research jobs.
  • Our team of researchers, programmers, and analysts find you jobs from over 1,000 career pages and other sources
  • Our members get more interviews and jobs than people who use "public job boards"
Shoot for the moon. Even if you miss it, you will land among the stars.
RetailCrossing - #1 Job Aggregation and Private Job-Opening Research Service — The Most Quality Jobs Anywhere
RetailCrossing is the first job consolidation service in the employment industry to seek to include every job that exists in the world.
Copyright © 2024 RetailCrossing - All rights reserved. 168