Check fraud remains a significant problem in America, with losses estimated to be in the billions of dollars each year. Despite the increased use of electronic payment methods, many individuals and businesses still rely on checks, making them vulnerable to fraudsters. In fact, a recent article in The New York Times states that check fraud nearly doubled last year, from 350,000 to 680,000.
According to the United States Postal Inspection Service, check washing is one of the most common types of financial crimes and can result in significant financial losses for individuals and businesses. This type of fraud involves altering or erasing information on a legitimate check to change the payee or the amount, and can be done with chemicals that erase ink, allowing the fraudster to rewrite the check with their own information.
So, what can be done to prevent climbing levels of check fraud?
Combating rising check fraud
Experts have been increasingly recommending bill payers opt for electronic payments whenever possible to avoid this trending fraudulent activity. By using online bill payment services, individuals can securely and conveniently pay their bills without worrying about their checks being stolen, altered, or washed.
Of course, digital payments come with their own security concerns, including hacking, cyber-attacks, phishing scams, data breaches, and tracking behavior. In fact, according to a recent InvoiceCloud survey, the second biggest concern bill payers have in regard to digital payments is the security of their information.
To address today’s security concerns and avoid an influx of in-person payments, billing organizations need to select an online payment system that’s easy to use and offers security assessments, PCI compliance, and more. We’ve put together an online payment security checklist so billing organizations can choose a solution that keeps customer data secure and keeps the organization up to date with compliance regulations.
The Online Payments Security Checklist
To ensure that your customer data is secure and that your organization is up to date with compliance regulations, you’ll want to keep a few things in mind when choosing a digital billing and payments provider:
The Software as a Service (SaaS) model is the ideal software solution for payments, particularly for the compliance aspect of security. True SaaS delivers continuous improvement and requires no maintenance on your part. This guarantees your organization has the latest security patches to remain compliant with industry standards.
The multi-tenant architecture of SaaS solutions creates a single instance of a software application that serves multiple customers, as opposed to a single-tenant model hosted in the cloud. Client data is secured in individually partitioned databases, providing superior performance and maintenance while the entire application is wrapped and monitored in a secure environment.
PCI Level 1 compliance
The Payment Card Industry Data Security Standard (PCI DSS) is framed by six principles, or goals, around the safety of payment information. These include things like “build and maintain a secure network” and “regularly monitor and test networks.” From there, there are 12 requirements for PCI compliance. PCI also includes four levels of compliance. PCI Level 1 service provider indicates the most thorough and comprehensive guidelines and audit requirements for compliance.
Security assessments and certifications
When choosing a digital payment solution, you’ll want to confirm that your potential software providers follow the applicable requirements set forth in PCI DSS for security tests, which are typically conducted by an outside testing firm. Make sure any provider you consider maintains annual security certifications, like SOC 1, SOC 2 Type 2, and PCI DSS Level 1 Service Provider. These verify that the payment platform has implemented effective controls around data security.
Data privacy policies
Don’t be afraid to ask providers questions about their data privacy policies. A thorough provider should keep (and frequently review) audit logs to maintain checks and balances in security. They should also offer clear language confirming they do not sell customer data to any third parties, with the exception of service providers deemed necessary to fulfill the requested services.
Want to learn more about SaaS solutions for digital payments? Check out our free ebook, The Benefits of Software as Service, to read more about why this delivery model is ideal for collecting bill payments.