The huge volume of online financial transactions it processes makes PayPay a prime target for hackers. So far, though, PayPal has managed to avoid any significant fraud. Executives from the popular payment service share their strategies to always stay ahead of cybercriminals. INCLUDES VIDEO.
Having $2 billion a year in transactions doesn’t help matters if you want to avoid a cyber-criminal’s attention.
But that’s the amount that PayPal Inc. processes in Canadian purchases alone each year, and it’s growing. With two in three Canadian online shoppers maintaining an account (that’s 8 million accounts), the e-commerce payment service is growing three times faster than e-commerce itself.
Worldwide, PayPal processes about $2,000 in transactions a second. It has 75 million users in 190 different markets, and supports 19 currencies.
So the San Jose, Calif.-based company, which started in 1998 and was bought by eBay in 2002, is aware of the dangers it faces from cyber-crooks of every variety.
“We are going to be a target for those who want to take advantage of our payments system,” says Andrew Nash, senior director of information risk management at PayPal. “Just like any other financial institution.”
He says this awareness motivates the company to be more vigilant about its security practices. Other payment processors such as Heartland Payment Systems are suffering cyber-attacks and data breaches. Hackers target the financial sector hoping for a big payoff.
PayPal examines historical transactions and real-time activity to detect fraud risks, Nash explains.
“We are always looking at specific instances likely to have a large scale impact on us,” he says.
So far, so good. PayPal’s rate of fraudulent transactions is less than 0.33 per cent, according to Nash.
Merchants using the service as part of an e-commerce Web site are happy with the built-in anti-fraud tools and compliance with Payment Cards Industry (PCI) standards, PayPal execs say.
For consumers, it means the ability to keep payments information hidden from online retailers, notes Darrell MacMullin, general manager of PayPal Canada.
“A lot of power buyers online don’t want to enter their credit card information into a different database every single time,” he says.
If a fraud does occur on PayPal, the company protects both the consumer and the merchant, Nash says. The service has never been hacked, nor has information been stolen, he says.
Speaking at a recent conference in Toronto, MacMullin shared several ways a small businesses could use PayPal.
Web sites payment buttons
The most commonly seen use of PayPal is to allow customers to pay for things on a Web site by clicking a button. But there are several button options available for merchants. Different buttons fit different business models.
The “Buy Now” button is similar to what’s seen on many eBay auction listings – simply allowing the customer to immediately purchase an item.
The “Add to Cart” button puts an item in a customer’s virtual shopping cart but doesn’t redirect them away from the shopping area. There’s a “Donate” button for charities and non-profit outfits and a “Subscribe” button for publications.
“You don’t need an IT department to figure it out,” MacMullin says. “In two to three minutes you can have a button created and have that on your site to start taking payments.”
For small businesses or sole proprietors offering services, invoicing is as much part of doing business as breathing is a part of living. PayPal allows for these to be sent through e-mail and paid via credit card, directly from a bank account, or with a PayPal cash balance.
Any PayPal user can access this feature from their account, MacMullin says. Recipients of the invoices don’t need to be PayPal members to pay the bill, either.
Virtual POS terminal
Merchants without a constant physical storefront, who sometimes sell their wares at tradeshows or other locations, can use PayPal’s Virtual Terminal to process sales. It’s a low-cost alternative to card swiping machines and other Point of Sales systems, MacMullin says.
“You don’t need any hardware, you don’t need any software. You just need a laptop with an Internet connection.”
Using PayPal’s online service, you can enter in credit card information manually to accept payments. If you want to speed that process up, there are USB card readers available on the market.
Follow Brian Jackson on Twitter.