The security of online payments has increased year by year thanks to new directives, regulations, and tightened information security standards. The activities of fraudsters and cybercriminals have been made more difficult, and payment chain operators have been subjected to more requirements to monitor and prevent money laundering and payment fraud. Ensuring secure online purchases for our customers - and their customers - is important, and that's why we're excited about our new partnership with Visma Pay.
Visma Pay offers only secure payment methods to their merchants. All traffic from the online store to the payment method and back is always encrypted for all payment methods. Visma Pay also has the highest level (Level 1) security certificate for PCI DSS (Payment Card Industry Data Security Standard), developed jointly by credit card companies. The security certificate demonstrates that systems and processes are information secure. *
Learn more about the topic on Visma Pay's website
Together with Visma Pay, we have compiled a brief list of best practices for secure online payments. At the end of the article, a Visma Pay expert guides you on what to do if your payment instrument is stolen.
Payment Instrument Security
Payment instrument security has recently become a topic of discussion in the media. The protection of payment instruments is the responsibility of the holder. What does this mean? Payment instruments, such as payment cards or online banking credentials, must be kept strictly confidential and should not be shared even with family members. Payment instruments like credit cards and online banking credentials are personal.
Fraud most commonly occurs with stolen payment instruments. For example, through phishing of online banking credentials or credit card number theft. The best way to protect yourself is, of course, to take good care of your payment instruments, but risk can also be mitigated by setting limits on payment instruments. For example, it's common to set various security limits on payment cards such as geographical restrictions or purchase limits. For online banking credentials, it's also critical to ensure that old code lists are no longer valid and that the mobile application used for online banking authentication is protected with a sufficiently long and secure PIN code.
Citizens have long been plagued by so-called banking credential phishing campaigns, where criminals try to deceive victims into disclosing online banking credentials or card details to criminals through various means. It is extremely important that if you become a victim of such a phishing attempt, you should block your payment instruments and file a criminal report with the police.
The National Cyber Security Centre in Finland provides a lot of good material for citizens and businesses to improve their information security.
Payment Method Trends
In Finland, the most common payment method has remained the same for decades. Bank payments have been the most used payment method for a long time, and now bank payments are also becoming more common in Europe thanks to the new payment services directive. MobilePay and wallet payment methods have become more popular in the last couple of years due to their ease of use. However, payment method choice is often guided by the online store's industry. For example, clothes are often ordered using credit invoice and installment payment methods, while gym memberships often use recurring charges through payment cards.
Product Returns
There hasn't been a major change in payment refunds, but world events have clearly made trading more difficult in certain industries. For example, component shortages and varying availability of construction materials have caused some delivery difficulties for operators in the field, which directly reflects in canceled transactions. Generally, however, there hasn't been a significant change in consumer behavior regarding returns compared to recent years.
About the Author
Visma Pay's Product Director Markus Salminen has over ten years of experience in the payment industry and information security. The company providing the Visma Pay payment service was founded in 2012 and has been part of the Visma group since 2020. Markus has a background as a Master of Science in Technology.
Markus's Checklist:
What to do if my payment instrument is stolen?
Contact the payment instrument issuer and block the payment instrument immediately
File a criminal report
Consider what other information might have fallen into criminal hands that could compromise your privacy
How to prevent an attack?
Take care of your payment instruments (payment instrument is personal)
Use only trusted payment processors and payment methods
Use limits on your payment instruments
Protect your online banking authentication mobile application with a long and secure PIN code
Check that old code lists are not valid
Use a password manager or at least unique and secure passwords for different services
* At the EU level, payment security has also been addressed in recent years through the new PSD2 payment services directive. Generally, in the field of online payments, stricter regulatory requirements in preventing money laundering and terrorist financing have made it more difficult for fraudsters to operate. At the same time, however, the number of cyberattacks has dramatically increased both in Finland and throughout Europe. Particularly ransomware and phishing campaigns have plagued both businesses and consumers. Your bank, card companies, and payment processors do everything they can to ensure their customers can pay safely online. Despite this, vigilant buyers play a major role, as attacks are increasingly targeting buyers directly.