Small businesses lack confidence in recovering from fraud or cyber attack

Recent research from Visa, has uncovered that whilst small businesses are embracing the benefits of digitalisation, many would be unprepared to deal with the impact of a fraud incident or cyber-attack.

The study surveyed 2,000 small business owners across eight markets and showed that while accepting digital payment options helped drive growth for nearly all (98%), two in three (67%) were not completely confident in their business’s ability to fully recover from a fraud incident or cyber-attack.

Small business owners that were surveyed also reported that shifts in consumer behaviour are driving their digital adoption, with small businesses planning to accept mobile payment apps (56%), mobile wallets (50%) and contactless cards (35%). The research showed retailers in particular are anticipating more digital payments, with 99% planning to offer at least one to their customers, especially mobile payment apps (62%).

Visa’s state-of-the-art payment technology evaluates 500 unique characteristics for every single transaction in real-time, checking data from more than 4.2 billion card accounts to spot unusual activity and flag them to your bank. Online payments and password protection with Visa are secured by 3D-Secure, formerly known as Verified by Visa, giving an extra layer of security to protect against unauthorised card use.

Fraud attacks are becoming increasingly sophisticated. Visa is going beyond PINs and passwords with Visa biometrics, that protect users with fingerprint, facial and voice recognition. And we have also developed token technology, a simple, yet powerful concept that conceals and devalues sensitive payment data to stay ahead of fraudsters and make digital payments more secure: tokens have 50% less fraud and we have now reached 6 billion tokenised credentials worldwide. 1 in 3 card not present transactions in Europe are now made with tokens and that number is growing rapidly.¹

This uncompromising commitment to security has kept fraud at historic lows: less than 0.1% of transactions – among the lowest of all payment forms.

There are seven simple steps that small business owners can take to assist them in preparing for the growing threats with a cybersecurity including:

1. Choose multi-factor authentication. This security measure requires that you take an extra step to log in beyond your password, such as through in app verification or receiving a security code to your phone that allows you to sign into your account from an unfamiliar device. Ask your bank if they offer this service or download a free authenticator app. Additionally, banks offer biometric solutions to further enhance authentication.

2. Install and update antivirus software. Make sure your computer has antivirus software and set it up to run a regular virus scan. Change your passwords if you do encounter a virus. Install other key software updates as soon as they are available to keep malware or other fraudulent activity at bay.

3. Train your employees on cybersecurity. Create basic security protocols for employees, such as requiring strong passwords, two-factor authentication, and appropriate Internet use guidelines – with penalties for violating company policy. Train them on spotting phishing scams too.

4. Prevent payment fraud. Isolate your payment systems from other programs that may be less secure and don't use the same computer you use to browse the Internet to process payments. When setting up payment acceptance, ask your bank or processor about their anti-fraud services, such as enabling CVV checks (the 3 or 4 digit numbers on the back of cards) and transaction risk scoring. One such service, Visa Advanced Authorisation, leverages real-time data to predict fraud and has prevented an estimated $26 billion in fraud in 2021.²

5. Accept tokenised payments. Tokenised transactions are proven to reduce fraud by replacing card numbers with unique tokens versus exposing actual card numbers. Tokenisation has led to a 2.5 percent increase in approval rates and 28 percent reduction in fraud rates.³

6. Protect consumer data. It is critical to protect customer data whenever you accept digital payments, especially as most financial activity now occurs in the cloud. Ask your payment acceptance provider about their consumer protection services. For example, Visa’s Cloud Token Framework helps to enhance security and increase approval rates for digital transactions across a variety of payment experiences and devices.

7. Reduce internal payment risks. If you have a business credit card, ask if your issuing bank offers platforms to help control spending and usage, such as Visa’s Payment Controls, which is particularly helpful if employees are charging business expenses. Carefully track your business finances and expenses too to protect your business from fraud and internal theft.

Methodology: Visa Global Back to Business Study

Visa’s Global Back to Business Study was conducted by Wakefield Research in March/April 2023 and surveyed 2,000 small business owners with 100 employees or fewer in Brazil, Canada, Germany, Hong Kong, Ireland, Singapore, UAE, and the US.