A 2016 PwC survey found the number of detected cybersecurity incidents in Australian businesses had more than doubled since 2015, making it more critical than ever for online retailers to take steps to protect their sensitive – and valuable – data.

Whether you already own an online store or you’re considering setting one up, it’s important to understand the most prevalent dangers in today’s e-commerce marketplace. So how can you protect your SME?

Identity theft

Due to their convenience, credit cards remain one of the most popular online payment methods. However, if a credit card theft occurs, you must be able to protect both the customer and your business from financial loss. The first step is to ensure your payment processor satisfies the industry's PCI data security standards, which set strict guidelines around data encryption, access control, data storage and network security.

Given that the merchant can't see the customer's card when they make a purchase online, it's vital that you use an e-commerce platform that can provide extra layers of data authentication. You should always ask that customers provide the CVV (card verification value). There are also data validation tools available that can cross-verify the customer's name, billing address and IP address. If a credit card is used from overseas only a short time after it was used locally, for example, this may indicate an attempt to defraud

Data breaches

Research released in 2016 by cybersecurity company FireEye revealed that 76 per cent of US consumers would likely take their business elsewhere if a company was negligent in protecting their personal data. So a data breach not only damages a company's brand image, but its bottom line as well.

Firewalls are effective at stopping most intrusions before they breach your network. It's also important to use an e-commerce system that regularly scans for and removes malware, viruses and other harmful software. If you are responsible for maintaining the e-commerce software, be sure to apply security updates as soon as they become available. This is crucial because online hackers are always on the lookout for security holes, with older systems being most vulnerable. For this reason, the PCI security standards strongly discourage merchants from storing payment card data unless absolutely necessary.

It's also no coincidence that the most popular passwords tend to be the least secure: “123456” and “password” being prime examples. When customers create an account with your online store, they should be encouraged to create a password that isn't easily guessable.

Suspicious activity

While a secure e-commerce platform can keep you shielded from most cyber risks, there are other dangers associated with doing business online that you need to monitor and plan for.

• Repeated attempts to pay for an item: If you see a sequence of declined transactions, it may be someone using a program to generate random credit card numbers, hoping for a match. This can be prevented by locking out the user after a fixed number of failed attempts, or redirecting them to sales support.
• Expedited shipping on large orders: This could be an attempt to receive goods before fraud is detected. It can be averted by only allowing fast shipping on smaller orders.
• Suspicious order details: Look out for email addresses that appear suspect (such as a random string of characters) or phone numbers and addresses that don't appear legitimate – for example, a postcode that doesn't match the street address.

Finally, if you employ customer service staff in your e-commerce business, make sure they are provided with appropriate training in security policies and laws that will keep your data safe. This should include never sharing sensitive information outside approved channels, such as on the phone or by email.

With eMarketer predicting worldwide e-commerce sales will top US$4 trillion a year by 2020, online retail businesses will need to step up their efforts to protect their data. Key to this will be making sure you choose a strong and secure e-commerce payment system, and educating customer-facing staff about the risks of selling online.