Storing credit card information is necessary for transactions to take place on the Internet and even at a POS terminal. Whether you are a SaaS company or artisan shop selling hand-made shoes, you need your customers’ credit card information to bill them. The problem arises when storing credit cards is done improperly, resulting in poor customer data security. One of the improper ways that businesses store credit card information is storing this data on their database.
You may be wondering, but my database is secure, and only I have the passwords? While that may be so, there are security standards you probably have not thought about. These standards are defined in the Payment Card Industry Data Security Standard (PCI DSS). They are a set of security standards that ensure all companies that accept, process, store, or transmit credit card information maintain a secure payments environment.
Although companies such as PayPal and Stripe must meet these requirements, anyone, regardless of how many transactions they process, must meet these requirements too if they are to be considered as PCI compliant. If you do not meet these standards and you are storing credit cards on your database, there are several risks you will be exposing yourself too. We outline seven such risks you face storing credit card information on your database.
1. Abuse of Access Privilege
Storing credit card information on your database opens this data to abuse by anyone with access privileges to your database. For example, if you work with an independent developer, they may abuse this access to steal this information. To avoid this, you may attempt to limit these privileges by restricting printing or making this data read-only.
However, this can also be easy circumvented by connecting the database to a third-party client like Excel. This way, restricted data can still be exported. Moreover, even when data is in read-only format, there’s nothing to stop someone with access to the database from taking photos with their phone and then parsing this information later.
2. Unutilized or Excessive Access Privileges
Excess access privileges are given all the time in small and often understaffed companies. When one role overlaps another, access controls can also overlap. The resulting excessive privileges can give access to sensitive data to persons who may not know how to handle this data with confidence. For example, you may give a customer care executive certain rights that allow them to view and change customer account information.
In the process, the executive may view and choose to abuse the credit card information they find on file. In such a scenario, unutilized or excessive access privileges may result in a data breach. Moreover, if such an employee leaves on a sour note and you forget to revoke their access, they may choose to access this data for personal gain.
3. Malware Attacks
Every database is susceptible to a malware attack. Some of the data breaches that have hit the headlines were as a result of a malware attack. How does a malware attack unfold? In most cases, it starts with an innocent-looking email to one of your employees, which has a downloadable attachment. When the employee downloads the attachment and opens it, an executable file is activated which infects the device.
If your office computers are networked, as most are, then the malware will spread to other devices and finally to your database, providing a backdoor to criminals. If you are storing credit cards in your database, it’s easy to see how such a malware attack can result in a data breach and the loss of your customers’ credit card information.
4. Backup Storage Exposure
It is usually best practice to back up your databases in case something happens to your live databases. While this is good practice, it introduces yet another risk associated with storing credit card information. Because most database backups are stored as insecure snapshots, it is very easy for a criminal to access this backup and make away with your customers’ credit card information.
This risk becomes even more pronounced when these backups are stored in external or on-premise media. For example, if you back up your databases in a local server, anyone in your office can access these backups and view sensitive data.
5. Manipulation of Misconfigured Databases
Misconfigured servers are commonplace. Most companies, especially smaller ones, rarely update their servers on time while many others retain default database settings. An Independent Oracle User Group report found that up to 28 percent of Oracle users have never applied a security update. A further 10% took a year or more to apply security patches.
This lapse is easily exploited by hackers, who know how to find misconfigured servers, manipulate and exploit them. For large companies too, database patches go unaddressed, with most going for up to a year without applying critical security patches. In such cases, if credit card information is stored in the database, it creates a security loophole that hackers can exploit to access this data.
6. Poor Security Knowledge and Expertise
Payment companies like PayPal and Stripe employ entire teams whose exclusive work is staying abreast of security advances (and threats) and applying patches to their databases and systems to thwart emerging risks. As a company without this focus or these resources, it is virtually impossible to deploy similar resources in the protection of credit card information stored in your databases. What does this mean from a risk perspective?
An Information Security Breaches Survey conducted by PWC found that 54 percent of small businesses do not train or educate their staff on database security risks. These results show that most companies are ill-equipped to handle security threats and breaches. In most small companies, individuals in charge of databases lack the skills, expertise, and knowledge to deploy security policies, training, standards, and controls across the company.
7. SQL Injection
An SQL injection is a security breach where a hacker introduces malicious code into a database, forcing it to behave in certain ways that increase its vulnerability. An SQL injection is typically accomplished through vulnerabilities in a web app or any other application that connects directly to the database.
If you are storing credit card information in your database, such an attack can expose this data to criminals and lead to a data breach. Also, because most small companies lack the skills and expertise to seal off such loopholes, it becomes easy for hackers to “sniff out” these vulnerabilities and launch an attack.
Storing Credit Card Information the Right Way
The challenges and risks associated with collecting and storing credit card information on your database are numerous and grave. Besides compromised customer data, you may also lose your business through negative publicity and legal action. As such, it does not make sense to store such data on your database when the risks are so high.
So, what is the solution?
The best alternative is to work with a payment integrator like PayKickstart who can integrate your business with reputable payment processors like PayPal and Stripe. These companies do all the heavy lifting when it comes to storing and securing customer credit card data, so you don’t have to. They are also PCI compliant and adhere to the highest payment security measures available.
If you’d like to find out how PayKickstart can help you stop storing credit card information on your database and avoid all the risks above, sign up for a free trial or request more information by emailing firstname.lastname@example.org
Dan Macharia is an experienced copywriter with over ten years of experience writing for both large and small companies all across the United States. When he is not writing, find him reading a book or outdoors playing lawn tennis, running or just walking and soaking in life.