What Should You Be Asking Your Payment Processing Provider? 5 Security Questions

Touchless MEI and Crane vending payment options at GAD Vending.

What Should You Be Asking Your Payment Processing Provider? 5 Security Questions

What Should You Be Asking Your Payment Processing Provider? 5 Security Questions 1000 666 GAD Vending

Navigating a Connected World

Our world is more connected than ever. The rapid pace of technological innovations has given us access to an unmatched level of convenience and speed in our day-to-day business transactions. But that innovation also comes with increased security concerns—especially when it comes to money and payments, where the security of customer data is paramount, and not all technologies are created equal.

As you consider which technology solutions are best for your business, security concerns should be top of mind. Here are five questions to ask a potential suppliers to help you find the right fit for your security needs.

1.   How are they prioritizing the safety and security of their customers?

When it comes to payments and the protection of your business data and customers’ information, a good partner should take security just as seriously as you do. They should have protocols and teams in place to continuously monitor all technology for potential weaknesses and threats, from the design phase all the way through implementation, service and updates. Look for a company with a dedicated Security Compliance Officer who ensures all processes are carefully followed, and has your business’s security as their top priority.

2.    Are they offering security in-depth, or just at the perimeter?

When you picture security—whether digital or physical—the first thing that comes to mind is protecting the perimeter from outside threats. In the physical world, these are things like locks and security guards—in the digital world, these come in the form of network firewalls and tools to protect technology from outside hackers. But today’s threats can also come through a different source: the applications and devices used by companies and their personnel. A good payments partner should understand the interconnected nature of modern technology and be prepared to address the security threats that come with it. That holistic approach, often referred to as “Security In Depth,” is key to protecting your customers’ payments and their privacy from all sides. Always ask potential partners how they view security – what you’re looking for is a robust, considered answer that reflects a culture of safety, not just a checkbox for your inquiry.

3.    How are they securing connected devices?

The more interconnected devices and applications your system has, the more targets cybercriminals can potentially exploit. But that interconnectedness is key to doing business the way customers expect in 2021—so how are your payments partners protecting your system as a whole? Any holistic security approach should include detailed, dedicated security for connected devices and applications, in addition to network security. If your partners can’t speak specifically to their device-level protections, that could be a red flag.

4.    How are they staying on top of evolving threats?

Security is not a set-it-and-forget-it proposition. New threats and vulnerabilities are arising every day, and the speed at which cybercriminals are taking advantage of those vulnerabilities is accelerating. Any potential security partner should readily acknowledge this reality, and have protocols in place to stay ahead of the latest threats. Look for a partner that is a part of the IoT Security Foundation, which rapidly updates members on relevant security frameworks and threats, allowing all members of the foundation to proactively address threats before they become a problem.

5.    How are they monitoring their own software and technology?

While it’s vital to stay on top of evolving threats throughout the industry, it’s just as important that your suppliers continuously examine their own technology for potential weaknesses, and are positioned to rapidly respond. Tools like Black Duck allow companies to identify potential vulnerabilities before they can be exploited. Your partner should continually monitor all their software and tech, quickly identifying and patching any weak points to keep your data and your customers’ data secure and safe. Transparency is key here – if your partner is open, communicative, and engaged in sharing and correcting potential threats, that’s a good thing – don’t mistake candor in threat communication and correction for weakness in security. It could be a sign that your partner is on top of evolving technology threats, and proactive in solving them. And you can be sure that if your partners aren’t proactive in protecting their own systems, they won’t be proactive in protecting yours.

The Takeaway

When it comes to the security of your business in an interconnected age, the stakes are high—but the right partner can help mitigate those risks and keep your business protected from evolving threats. Any good partner should treat your security concerns as an ongoing discussion to help keep you protected. These questions can serve as the beginning of that discussion as you find the payments partner that’s right for you, your customers, and your business. And while there’s no single way to address security, you can gain confidence in a partner who is open and confident engaging in a discussion, and offers a depth of analysis that goes beyond a simple “yes” or “no.”

Looking for more resources that can help you improve the safety and security of your payment systems? GAD Knows Vending. As an authorized distributor for Crane Vending, GAD knows how to help you secure your vending machines.