In Black And White

Industry Insights

Creating new software solutions and working with an elite group of payment technology providers allows us to stay up-to-date with the latest and greatest in the payment space. And with our industry insights, you'll be well-versed and in the know.

What Businesses Need To Know About The Equifax Breach

What Businesses Need To Know About The Equifax Breach

In early September, credit reporting company Equifax announced that it had fallen victim to a massive security breach affecting 143 million consumers. During the breach, which took place between May and July of this year, hackers gained access to consumer names, social security numbers, birth dates, and addresses. For some victims, driver’s license data was exposed and for 209,000 people, credit card information was stolen.

As a merchant, you likely want to know what you should do to protect your business and your customers. Here’s some essential information that can help.

Identities May Be Compromised
As the news broke, Equifax issued a statement offering one year of free enrollment in their credit monitoring service and created a website to help consumers determine whether they may have been affected. Experts suggest taking additional steps and are advising consumers to freeze their credit to prevent others from opening lines of credit in their name. Merchants need to be more diligent when accepting payments – match customer signatures to the signature on the back of the payment card or, for card-not-present (CNP) merchants, ensure safeguards are in place to prevent fraud (e.g., flag multiple shipments to the same address for review, check IP addresses and emails – if the billing address is in Florida, the shipping address is in Oregon, but the IP address is from China, reach out to the individual who placed the order).

Consumers Are Concerned
Naturally, many consumers are concerned about the safety of their personal information in light of the breach. This provides merchants with the opportunity to let customers know that their payment security is a top priority. Merchants can emphasize that they have measures in place to protect customers, like encryption and tokenization, and take extra security precautions. Actions speak louder than words: if a merchant consistently confirms customer signatures at the cash register, for instance, the merchant will have a reputation for being cautious – helping instill trust before, during, and after a well-publicized data breach.

Moving Forward For Consumers And Merchants
As a consumer, you should consider contacting the three credit bureaus and placing a credit freeze on your file. This prevents criminals from using the Equifax data to open new lines of credit in your name. KrebsOnSecurity has “repeatedly urged readers to consider putting a security freeze on their accounts in lieu of or in addition to accepting free credit monitoring offers, noting that credit monitoring services don’t protect you against identity theft (the most you can hope for is they alert you when ID thieves do steal your identity), while security freezes can prevent thieves from taking out new lines of credit in your name.”

To freeze your credit report, contact each of the three reporting agencies separately:

As a merchant, utilizing the advanced payment security technologies of EMV, tokenization, and encryption helps secure your card data environment so you’re not storing, processing, or transmitting sensitive payment data. If you’re using layered payment security technologies, your customers will feel more secure. When they feel secure, they’ll be more likely to continue to do business with you even when they’re concerned about identity theft.

To learn more about securing your cardholder data environment, contact us today at 800.396.0246 or

Share this post