Storing customer payment data comes with notable risks, but also potential rewards. Companies must weigh the pros and cons to determine if it still makes sense for their business. Here’s an in-depth look at the key considerations:
The Risks of Storing Payment Data
Storing customer payment data exposes businesses to significant security and compliance risks:
Data Breaches
- Payment data is a major target for cybercriminals. Retailers that store payment card data had a breach rate of over 60% in 2020.
- Breaches can result in massive costs, including fines, legal fees, reimbursement of stolen funds, and reputational damage.
- High-profile breaches like Target, Home Depot, Equifax have cost hundreds of millions of dollars.
Compliance Burden
- Businesses that store payment card data must comply with strict industry standards like PCI DSS.
- Achieving and maintaining PCI compliance requires investments in security tools, audits, staff training. Average cost is $150,000 per year.
- Failure to comply can lead to steep fines from card brands.
Increasing Regulations
- Governments are imposing new data protection laws like GDPR with severe penalties. Storing payment data raises compliance requirements.
- New regulations like PSD2 also impose additional security mandates for payment data.
The Benefits of Storing Payment Data
Despite the risks, storing customer payment data can provide some real benefits:
Improved Conversion Rates
- Storing payment details for future purchases removes friction from the checkout process.
- According to Baymard Institute, nearly 70% of online shopping carts are abandoned. Reducing steps can increase conversion rates.
Better Customer Experience
- Customers appreciate the convenience of not re-entering payment information for every transaction.
- Merchants can provide personalized account dashboards by storing customer data.
Valuable Data Insights
- Analyzing stored customer payment data can provide useful insights into buying habits and trends.
- This allows merchants to better tailor offers and experiences to customers.
Recurring Revenue
- Merchants can easily process recurring orders, subscriptions if payment details are stored for future billing.
- This enables new revenue models that depend on recurring payments.
Key Considerations for Payment Data Storage
When evaluating whether to store payment data, merchants should carefully assess:
- Type of business model – Subscription, ecommerce, digital services benefit more than brick-and-mortar.
- Transaction volume – Higher volume merchants get greater rewards but also higher risks.
- Payment mix – International cards bring greater restrictions than domestic.
- Security posture – Existing security gaps must be addressed before storing data.
- Compliance impacts – Are processes in place to meet PCI DSS and other regulations?
- Customer expectations – Some customers prefer not storing data due to privacy concerns.
Like any business decision, there are tradeoffs to storing payment data. Companies should thoroughly evaluate both the risks and rewards based on their unique situation. With proper precautions, payment data can often provide net benefits in the modern economy. But merchants should also plan for the increased threats that accompany handling sensitive information.
