Building Better Donor Security

We have all seen over the past few years the ability of hackers to penetrate company data and steal personal information such as credit card numbers. Even some of the most trusted brands, banks and governments have been breached, leaving us to wonder if anything is secure. Thankfully, there are options available to us as charity merchant providers. However, one of the most successful ways to secure data is to keep it in the hands of the guest instead of the charity.

Here’s what I mean. Imagine 200 guests attend your event and you wish to capture credit card data up front to make checkout easier. You set up a group of 4 iPads with card readers to swipe all 200 guests. Then, at the end of the night, you process the 45 who won and the rest are untouched.

Significant Risk to Charities

In this scenario you have several key areas of risk. First, the terminals could be compromised by malware or viruses. Apple has a “walled garden” approach to security which only allows Apple-approved apps from the App Store to be installed. This is an attempt to minimize the risk of downloading a malicious app. However, Android does not have this same level of security, and if your iPad or iPhone is jailbroken, it can have malicious software. With all your guests using the same four devices to add cards, a single compromise can be significant because all data passing through that device can be available to a hacker.

The second risk is how the data is transmitted from the device to the storage system used by the vendor. Any company that transmits credit card data must ensure security throughout the entire journey of the data and not just at the database level. Therefore, if a piece of card data is transmitted to a server and then passed to a PCI compliant vault, there is still significant risk because the data could be stolen in transit.

Lastly, any time a card leaves the hand of a guest and passes to a hired consultant or volunteer there is risk and therefore liability. Though this risk is low, the goal is to ensure and provide comfort to guests so they feel safe providing payment data in a hyper-sensitive marketplace.

Growing Risk Means Growing Security

At ClickBid we have seen the level of security grow dramatically over the years. In the early days we stored a name, phone and bidder number. Now with mobile payments taking center stage, we have migrated to a more comprehensive system of securing data at every level.

First, we put the responsibility of adding card data back onto the guest. No longer do we assemble an array of volunteers or staff asking the awkward question “May I put your card on file?” In the past 12 months, we have seen those who are willing to do this decrease dramatically. Conversely, the number of guests willing to add card data via their own phone at check-in and checkout has risen 500% over the same period.

Giving guests a way to add their own payment data removes a single point of compromise where a bad device could expose multiple guests to theft. We allow guests to add their card data when they register for an event, at check-in, during an event and upon winning and checking out. Having these multiple points of contact helps us minimize and spread out the transfer of data, keeping it with the guest. It also reduces the burden on your check-in staff because they no longer have to ask for card data and swipe.

We certainly understand that not all guests have a smartphone (though that is less and less each day). To assist those guests, we recommend a “solutions area” where one or two charity staff/volunteers use a single device to transmit data. For this device, we recommend Apple equipment that is not jailbroken and is not the personal device of a volunteer or staff member.

Direct Connection to PCI Compliant Providers Through Hosted Fields

Second, to reduce the ability to steal card data in transit, ClickBid has utilized the newly developed “hosted fields” provided by our PCI compliant partner Braintree Payments (a PayPal company). Hosted fields are data fields that allow you to enter card data that is transmitted directly to the PCI partner and nowhere else. Data is never sent to ClickBid or any other “middleman” server for processing. The data is encrypted by a one-time key that is unique to that specific transfer. Once the data is sent directly to Braintree, we receive a token that we can save, which is a pointer to the actual data. Therefore, in the highly unlikely event that our data were compromised, not a drop of card data would be available to hackers.
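Under a hosted-fields design the merchant server should only ever receive the provider's token, so it is worth having that server refuse anything that looks like a raw card number. The Python below is an added example (not ClickBid's or Braintree's code) of such a merchant-side check: it stores the token and rejects any request in which a Luhn-valid, card-length digit run appears; the field names, token format and sample requests are assumptions constructed for the example.

```python
import re
from typing import Any

# Candidate card-number runs: 13-19 digits, optionally separated by single spaces or dashes.
PAN_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")

def luhn_valid(digits: str) -> bool:
    """Luhn checksum used by payment card numbers; filters out most non-card digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_pan_like(value: Any, path: str = "") -> list[str]:
    """Walk a JSON-like payload; return paths of values holding a Luhn-valid card-length number."""
    hits: list[str] = []
    if isinstance(value, dict):
        for k, v in value.items():
            hits += find_pan_like(v, f"{path}.{k}" if path else str(k))
    elif isinstance(value, list):
        for i, v in enumerate(value):
            hits += find_pan_like(v, f"{path}[{i}]")
    else:
        for m in PAN_RE.finditer(str(value)):
            if luhn_valid(re.sub(r"[ -]", "", m.group())):
                hits.append(path)
                break
    return hits

def accept_checkout(payload: dict) -> dict:
    """Merchant checkout endpoint (hypothetical): persist only the PCI provider's token."""
    leaked = find_pan_like(payload)
    if leaked:
        # A card number reaching this code means hosted fields were bypassed: refuse, never store.
        return {"ok": False, "reason": "raw card data reached merchant server", "fields": leaked}
    token = payload.get("payment_token")
    if not isinstance(token, str) or not token:
        return {"ok": False, "reason": "missing payment token"}
    return {"ok": True, "stored": {"guest_id": payload.get("guest_id"), "payment_token": token}}

# Constructed sample requests (placeholder guest ids and token; not real data).
GOOD = {"guest_id": 117, "order_ref": "1234567890123", "payment_token": "tok_example_placeholder"}
BAD = {"guest_id": 118, "card": {"number": "4111 1111 1111 1111", "exp": "12/26", "cvv": "123"}}

if __name__ == "__main__":
    print(accept_checkout(GOOD))   # accepted: the 13-digit order_ref fails Luhn, so it is not flagged
    print(accept_checkout(BAD))    # refused: card.number is a Luhn-valid card number
```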

ClickBid Mobile Bidding – Security Through Simplifying the Pipeline

At ClickBid, our goal is to reduce the elements needed to send and process card data. Each layer provides a potential for theft that should be reviewed and evaluated. By removing those layers you take away that potential and make mobile payments safer. That’s why we have retired our credit card readers and stopped requiring guests to hand over a card at check-in. In a perfect world, we would only capture data from those who make a payment. In the old days, we attempted to get 100% participation knowing that only a small number of cards would be used. In truth we see much more hesitation from guests about participating in this process. In today’s world of increasing scrutiny of procedure, we want to be more selective and ask guests to add cards at their discretion, giving them the tools to do so safely. We believe this will lead us to happier outcomes, happier guests and better events.

2018/12/12