Making and receiving secure online payments

December 2021

Ensuring that online payments are safe is essential. If your business can’t secure online payments, it could lose customers – and even end up breaking the law.

Online payment is not the future – it’s the present. People are more confident than ever with shopping online. Your business could be losing customers if it doesn’t accept online payments.

It’s not only customers who are shopping online. Businesses also have to make online payments these days. But there's a risk of criminals stealing information with every transaction. That’s why businesses must take steps to ensure online payments are secure. 

In this guide, we’ll share cyber security tips to help protect your business payments.

Why is it important that online payments are secure?

Having secure online payment options can boost customer confidence. This can help to increase sales.

But there’s another important reason. Your business could be breaking the law if it doesn’t protect customer information. Business owners could face fines of up to £500,000 or even prison. Consider finding out more about Data Protection Act.

Choose the best way to collect payments

There are many options to help businesses receive secure online payments. Below are some of the safest methods.

The following companies are responsible for making online payments secure. But business owners must check that security is adequate for their needs. Always read the terms and conditions. This includes fee structures.  

Sell through an online marketplace

Online marketplaces can be an easy way for businesses to take secure online payments. Websites like Amazon, eBay, and Etsy help businesses sell to a global audience. Plus, customers usually trust these websites.

These marketplaces usually charge commission on each sale. This varies between providers.

Use an ecommerce platform

An ecommerce platform helps customers buy products on your business website. Using an ecommerce platform can be a great way for businesses to take secure online payments.

There are lots of ecommerce platforms out there. Some platforms offer to build and host your online store. Others add an online store to your existing website.

Fees depend on the platform. They also depend on what features your business needs. But it’s usually a fixed subscription instead of commission based. Popular ecommerce platforms include Shopify, Wix, BigCommerce, and Bluehost and WooCommerce.

Use a payment gateway

Payment gateways can be another good way to take secure online payments. These systems accept payments from credit cards, debit cards and from bank accounts.

Popular payment gateways include PayPal and Square.

Direct debit

Direct debits can help businesses to take secure online payments. Direct debits are taken from customer bank accounts. They are particularly good for businesses that sell subscriptions.

Companies like GoCardless and London & Zurich offer direct debit services. Fees are usually paid as a percentage of each sale or a standard transaction fee.

Staying safe when making payments

Business owners don’t only need to protect customer payments. Securing company payments is also an important aspect of cyber security. Here are some of the safest methods:

Credit card

One of the safest payment options is credit card. It’s usually possible to claim back money lost to fraud. But you must protect your PIN and password. You must also act fast if fraud occurs. For more information, visit the Money Advice Service.

Digital wallet or online payment system

Digital wallets like Apple Pay and Google Pay can enable secure online payments. These apps handle payment and only need PIN or Touch ID verification. PayPal is another useful tool to make payments without giving your bank details. All these methods are encrypted.

Debit card

Debit cards can be risky if linked to your business bank account. It’s better to use a debit card that’s not linked to your main account.

Look out for suspicious activity

It’s essential that business owners check financial statements regularly. Make sure you recognise all payments and check they are the correct amount. Other things to watch out for include:

  • Sudden demands for payments

  • Changes in bank details

  • Changes in email addresses

  • Unsecure payment options

Secure your company connection

Scammers know that one of the fastest ways to get data is to hack into an unsecure network. It’s essential that businesses secure internet connections. Here are some simple steps to achieve this:

Change the name of your WiFi

Change your WiFi name from the original one provided. The original can help scammers identify which network to hack. Change it to something random.

Turn off network broadcasting

Business owners should turn off WiFi broadcasting. This means that your network won’t show to computers with a wireless connection.

Create a strong wireless password

A strong password can help to keep your connection secure. Passwords should be 25 characters long. They should also include letters, numbers and symbols. Passwords should appear random.

Enable network encryption

Most internet routers come with an encryption feature. This scrambles information so that third parties can’t understand it. Encryption is a useful tool to help keep payments safe. The most advanced is WPA2.

Use a VPN

A virtual private network (VPN) encrypts data transferred through your network. Once logged into the VPN, data is passed to another server and is encrypted.

Install WAF

A web application firewall (WAF) monitors and blocks online traffic. A WAF can help to secure data like financial information.

Get SSL certificates

Have you noticed that some websites have a padlock symbol in the browser bar? This shows the site has an SSL certificate. This encrypts all information between the customer and the seller. An SSL certificate helps to show trustworthiness to customers.

Use antivirus software

Using robust antivirus software can help to stop malware and cyber attacks.

Have a Response Strategy

Despite all these cyber security steps, there’s still a small chance that hackers will access your system. It’s essential that businesses have a plan if this happens. This might include:

  • Shutting down systems to stop more information being stolen

  • Checking for access points in your network

  • Checking if sensitive data has been stolen

  • Removing infected files

  • Replacing hardware

  • Keeping a log of the incident

  • Updating firewalls and security

  • Contacting law enforcement


This article was written and originally published by The Productivity Group (trading as Be the Business). Be the Business is an independent, not for profit organisation set up to help business owners and leaders improve the performance of their business. © Copyright 2021 The Productivity Group.  All rights reserved.

Everything we publish on Business Talk is provided as general information only. It isn’t advice or an insight into the views of TSB or any of our Partners. This is for information only and should not be relied upon as offering advice for any set of circumstances.

Please think about getting independent financial advice if you want help with your personal situation.

While we make every effort to make sure the content is accurate and up to date, no liability is accepted by TSB Bank for any loss or damage caused by relying on any statement or omission. 

Links to external content are provided for information purposes only and not a TSB recommendation of any brand or service.