10 Hints to Protect Your Customers
10 Hints to Protect Your Customers
 Skip Navigation Links > News > 10 Hints to Protect Your Customers

10 Helpful hints to protect your customers from identify theft and comply with Red Flag legislation.  
By Clint M. Waite

Sales, Human Resources and Billing & Collections are all departments within the company that touch the customer.  While sales should be very careful about the application process and credit checks, and HR should have procedures in place to hire honest individuals with integrity, Billing is probably the most important group in determining the success of the security plan.  Following these 10 helpful hints will help ensure Red Flag compliance and the safety of your customers’ financial information.

    • Utilize an online billing system with proper controls and security.  An online billing system is the safest method for sending bills.  It is a misconception that Internet use increases the risks of identity fraud.  Internet-related fraud accounts for a small percentage of overall identity theft.  Implementing a secure online billing system will significantly reduce or even eliminate billing fraud, including the incidence of employee and consumer-controlled theft.  Some key items to pay attention to in the online billing system are: 
      • Effective 128 Bit SSL encryption.         
      • “Bullet Proof” data security.  All sensitive payment information should be encrypted and comply with PCI standards.
      • IP address restriction.  Toxic IP addresses and suspect countries must be prohibited.
      • Effective and reliable monitoring systems.   Monitoring systems must examine 7 x 24 firewall intrusions and any suspect account activity.
      • Paper suppression.  A properly designed online billing system will provide for paper suppression, which reduces the amount of paper bills sent in the mail.  This will result in cost savings for your company and protect your customers from the paper bills winding up in the wrong hands.
      • A self-enrollment process that requires authentication.  Proper authentication information, such as customer invoice numbers, amount due, account number, invoice date, and due date, should be known only by the customer.  A social security number should never be used as a username.
    • Ensure accuracy in sending invoices when bill printing is used.  Thorough operational and reconciliation procedures should be in place to ensure that printed invoices are inserted accurately and sent to the correct addresses.  Also, inspections should follow to guarantee that the numbers of invoices received by the printer are indeed sent by your carrier.
    • Secure back-end customer service tools.    The back-end tool should allow full transparent tracking of all eBills and print bills, including viewing of the addresses on the actual bill, tracking of the bill through the generation and delivery, deactivating eBill for questionable customers, turning paper suppression on and off, and reviewing enrollees with more than one account.
    • Tracking of undeliverable mail.  Undeliverable mail is often a red flag item and should be addressed and tracked to determine if there is misuse of services.
    • Proper reporting of yellow flags.  The combination of three yellow flags often equates to one big red flag.  The three yellow flags are irregular usage, outstanding balances, or recent change of address.  If all of these items exist on one account, it is very likely that a red flag event is occurring.  The billing system should bring these three variables together and notify billing to investigate.
    • Employee & customer training.  Training through either a website, newsletter or video should teach careful handling of mail, identifying “Phishing” sites, and protecting passwords.
    • Appropriate storage of credit card data.  The biggest information liability is credit card information.  If you are interested in developing an online billing site, most customers will expect that they can store their credit card or bank account information to streamline future orders and payments, along with the ability to implement automatic payments.  Rely on a company with expertise in billing payment systems so that you don’t have to store the payment data on your systems.  Companies that do not specialize in the payment industry are typically not able to comply with the industry standards and requirements necessary to store customer payment information.
    • Proper due diligence on the company that handles your billing.  Choose an eBill company that has the following qualifications.
      • Superior customer references
      • PCI compliant
      • SAS 70 documentation
      • E&O insurance
      • Documented security and privacy plan
    • Secure statement design.  Reduce the sensitive information on invoices such as SSN, customer phone number, and financial data.  Never allow bill data to show through the windows of the envelope.
Careers | Contact Us | About Us
  logo
 
  Your Business | Your Billing Solutions | News   eBill. Print. Mail.
Copyright 2008, Best Practice Systems, Inc. All Rights Reserved.
Privacy | Site Map