Small Merchants and Ecommerce, Big Targets for Card Information Thieves


Despite the massive security breach that just affected millions of Sony members, a new study shows it’s actually small merchants that are constantly under siege by payment system hackers. In fact, 90% of all credit card security compromises last year affected Level 4 merchants, which are defined by payment networks as a business that processes less than 20,000 Visa transactions a year, or under 1 million credit card transactions collectively through all payment vendors.

This is according to Trustwave, an IT security solutions provider that recently unveiled its Payment Card Trends and Risks for Small Merchants report, identifying a notably higher risk for small business owners to become the potential victim of a security breach.

Based on the findings, hackers who seek out ways to exploit the vulnerable areas of a payment system seem to understand that smaller merchants have a greater tendency to neglect security standards in order to stay focused on day-to-day operations. It makes sense that any business with an ecommerce presence and less than 50 employees would have a hard time justifying an in-house IT staff, and indeed many businesses fail to take basic steps to secure their network and ensure that customer information is protected.

While it’s important to note that the majority of small businesses in this report have been identified as brick and mortar stores, many of them have expanded into the world of ecommerce. With that said, the study indicates that 75% of security breaches actually occur though point-of-sale software in a retailer’s physical location, while 11% occur through employee workstations, and 9% are the result of ecommerce payment systems. I’m sure anyone who feels hesitant about the legitimacy of enterprise ecommerce security might be shocked to see the contrast of those numbers.

Although the report may be reiterating the obvious, the actual data ought to provide a stark reminder to small business owners that by not incorporating vital security practices they are jeopardizing not only the information of their customers, but potentially the future stability of their own company.



Jared Matkin is a staff writer for HotWax Media with a background in PR, Branding and Marketing. He’s also a light-hearted and an opinionated character who will join other HotWax Media employees and advisers in periodically posting his thoughts on topics ranging from enterprise eCommerce to business and technology.

DATE: May 21, 2011
AUTHOR: HotWax Systems
Enterprise eCommerce, eCommerce, Jared Matkin