The risks
Receiving payments
- Being paid with credit cards that are fraudulent or stolen.
- Not complying with Payment Card Industry Data Security Standards (PCI DSS), resulting in fines.
- Breaching data protection laws on the retention of information, by misusing it or keeping it for too long.
- Refunding money to customers who fraudulently claim that their purchases did not arrive, or that the goods were wrong or arrived in poor condition.
Making payments
- Making payments to fraudsters on fake sites, or for goods and services that are fraudulently advertised as available but do not exist.
- Transferring money to fraudulent accounts for goods or services that are simply a scam and do not exist (banks find it difficult to recover money lost in this way).
- Phishing emails – tricking you into entering your financial details on fake websites.
- Vishing phone calls – tricking you into revealing your financial details to someone on the telephone.
- These two are forms of social engineering.
Safe payments
Receiving payments
- Make sure your ecommerce website is well protected, both for security and for the peace of mind of your customers (see Secure Websites, below).
- If you take payment by payment cards, make sure your business complies with rules such as the Payment Card Industry Data Security Standards (PCI DSS), whose requirements vary according to ‘merchant level’ and card issuer (see Compliance Criteria and PCI levels, below).
- If you deliver goods, use confirmation of where they were delivered (proof of delivery – POD) to help avoid returns and refund claims.
- Depending on the type of business you run and the volume of your payment transactions, consider accepting PayPal and mobile payments, which offer some additional protection.
Making payments
- When making online payments, whether on a supplier's website or via direct payment, make sure the site is secure. There should be a padlock symbol in the browser window frame, which appears when you attempt to log in or register. Make sure the padlock is not on the page itself … if it is, this indicates that the site is probably fraudulent. The web address should begin with ‘https://’. The ‘s’ stands for ‘secure’. Remember that this indicator shows that the link between you and the owner of the website is secure, but it does not confirm that the site is the genuine one. You should check the address carefully for misspelled words, additional words and characters, and other irregularities.
- Use strong passwords and make sure they are kept safe by the people who need to use them.
- Set strict rules for employees who hold company payment cards – including PIN and password protection and anti-cloning precautions.
- Remember that using a credit card offers greater protection than using a debit card or direct payment.
- Check with your bank what its policy is if money is lost through fraud. Read its terms and, if you have any doubt, ask your bank's business manager.
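The address checks from the first item in the list above (an ‘https://’ address, misspellings, additional words and characters), sketched in Python as an added example that is not part of the original page. The payee hostnames, the sample URLs in the comments and the `check_payment_url` helper are all constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist (assumption): the exact hostnames you normally pay through.
KNOWN_PAYEES = {"supplier.example", "pay.supplier.example"}

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss spellings of a known host."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_payment_url(url: str, known=KNOWN_PAYEES) -> list[str]:
    """Return warnings for a payment URL; an empty list means no check failed."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    warnings = []
    if parts.scheme != "https":
        warnings.append("not-https")
    # "https://known-name@other-host/" shows the known name but goes to other-host.
    if parts.username or parts.password:
        warnings.append("userinfo-in-url")
    # Non-ASCII or punycode labels can render like a familiar name.
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        warnings.append("non-ascii-or-punycode-host")
    if host in known:
        return warnings
    warnings.append("unknown-host")
    for good in sorted(known):
        if host.endswith("." + good):
            continue  # unlisted subdomain of a known payee: unknown, not a lookalike
        if good in host:
            # Known name with extra words added, e.g. pay.supplier.example.secure-login.test
            warnings.append(f"embeds-known-name:{good}")
        elif edit_distance(host, good) <= 2:
            # Subtle misspelling, e.g. pay.suppl1er.example
            warnings.append(f"lookalike-of:{good}")
    return warnings
```

An https address on a look-alike host still produces warnings here, which matches the point above that the padlock confirms the link is encrypted, not that the site is genuine.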
Merchant PCI DSS compliance criteria and PCI levels
- Compliance requirements depend on the level of the merchant's activity.
- There are four levels, based on the number of credit/debit card transactions.
- Payment brands set the compliance levels for their own brands; acquirers are usually responsible for determining the compliance validation and levels required of their merchants.
- These compliance levels are set out below and are usually based on the total number of individual payment transactions per year.
- Whether the volume is based only on e-commerce transactions or on payments made across different channels is determined individually by each payment brand but, typically, all transactions are included.
Level 1 Criteria
Merchants with more than 6 million payment transactions a year, or merchants whose data has previously been compromised
Level 1 Validation requirements
Annual Onsite Security Audit (reviewed by a QSA, or by Internal Audit if signed by an officer of the merchant company and pre-approved by the acquirer) and a quarterly network security scan
Level 2 Criteria
Merchants with a total of 1,000,000 to 6 million financial transactions a year
Level 2 Validation requirements
Annual Self Assessment Questionnaire
Quarterly Scan by an Approved Scanning Vendor (ASV)
Level 3 Criteria
Merchants with a total of 20,000 up to 1,000,0000 financial transactions per payment brand
Level 3 Validation requirements
Quarterly Scan by an Approved Scanning Vendor (ASV)
Annual Self Assessment Questionnaire
Level 4 Criteria
Merchants with a total of up to 20,000 ecommerce financial transactions or up to 1,000,000 non-ecommerce transactions per payment brand
Level 4 Validation requirements
Annual Self Assessment Questionnaire
Quarterly Scan by an Approved Scanning Vendor (may be recommended or required, depending on the acquirer compliance criteria)
Secure websites
Offering a secure website for making payments gives customers peace of mind. Most people who shop for and buy goods and other services online are now aware of the importance of the padlock symbol shown in the browser window frame, which appears when they attempt to log in or register – and of the web address beginning with ‘https://’.
This shows that your business has a digital certificate issued by a trusted third party, such as VeriSign or Thawte, which indicates that the information transmitted online from your website has been protected against third parties who could steal it, for example with SSL technology (see the explanation below).
You can also obtain an Extended Validation (or EV-SSL) certificate, which indicates that the issuing authority has carried out its checks into your business.
SSL
SSL (Secure Sockets Layer) is a standard security technology that establishes an encrypted link between a server and a client – typically a web server (website) and a browser, or a mail server and a mail client such as Microsoft Outlook.
SSL allows sensitive information such as credit card numbers, social security numbers, and login details to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text … which leaves you easily visible to others. If an attacker is able to intercept all the data being sent between the browser and the web server, they can see and use that information.