Credit Card Processing Fraud Prevention for Merchants
Credit card fraud continues to be a major risk to merchants — a threat that has potentially crippling financial implications. Of major concern are card-not-present (CNP) transactions, such as those handled by online and mail order/telephone order (MOTO) merchants.
Fortunately, there are simple, established steps you can take to lessen the likelihood that your business becomes the victim of online fraudsters and thieves.
What you Need to Know about Fraud Rings
Fraud rings thrive on consumer and merchant complacency. They look for merchants that have not taken the time to enhance their security and fraud prevention.
Fraud ring attacks can include a range of tactics including: paying with stolen credit cards, chargeback fraud involving complicit cardholders and creating schemes to create large-scale layered fraud against multiple merchants.
The hallmark feature of fraud rings are the coordinated and interconnected efforts of multiple fraudsters to steal from and defraud merchants.
What differentiates fraud rings from a small-time criminal is the level of sophistication involved in fraud ring attacks. Think of the people behind fraud rings as professional fraudsters – they approach their “job” just as seriously as anyone else. They take advantage of the latest in technology, communication and payments to make it easy for them to succeed at defrauding merchants.
Merchants using payments solutions that monitor for out-of-context sales, IP address data and traffic, frequency of sales from one device or cardholder, and other high-risk sales indicators can beat fraud rings at their game. Remember, fraud rings look for merchants who are not using the latest in credit card processing technology.
Keep in mind, fraudsters want to do more than commit chargeback fraud, they seek ways to attack your business and your customers repeatedly. Once they identify a hole in your fraud prevention security, they’ll use numerous methods to penetrate your customer database to get exactly what they want.
The best thing you can do is to be proactive.
How to Decrease Card Not Present (CNP) Fraud
The Oct. 2015 EMV fraud chargeback liability shift has resulted in a significant drop in fraudulent card present payment transactions, but at the same time, spiked card not present (CNP) fraud. Some studies show CNP fraud increased by 12 percent or more. A card-not-present (CNP) transaction is when a cardholder makes a purchase away from the point of sale (online, phone, etc.), and the merchant doesn’t have access to the physical card used.
- Device Identification
- Rules Based Filters
- CVV Verification
- AVS Authentication
- Customer Identification Confirmation (by contacting via email or phone prior to shipping)
Another way to decrease CNP fraud is to be aware of the warning signs. Here are some common CNP fraud warning signs:
- First-time shopper
- Larger than normal order
- Order that includes several of the same item
- Order with many big-ticket items
- Rush or overnight shipping requested
- Shipping to an international address
- Transactions with similar account numbers
- Transactions placed on multiple cards all shipping to a single address
- Multiple transactions on one card over a short period of time
- Multiple transactions on a card with a single billing address, shipping to multiple addresses
- Multiple cards used from a single IP address
- Orders from Internet addresses that make use of free e-mail services
What is a Chargeback?
When a credit card transaction is disputed by either your customer or by a customer’s credit card Issuer, you may receive a chargeback. If a chargeback occurs, the amount of the original sale will be deducted from the checking account on file with your Merchant account.
Common Reasons for Chargebacks
- The cardholder disputes taking part in a transaction, the quality or the receipt of merchandise or services
- The cardholder claims to not have received the purchased merchandise or services
- The amount charged to the card was incorrect
- Proper authorization was not obtained
- The card was stolen or used without the owner’s knowledge
- Processing errors, such as an incorrect calculation on the sales draft, an invalid account number being entered, or an expired card being accepted, were made during the transaction
- A retrieval request for supporting information was not sent within the requested time frame
Chargeback Prevention Tips
- Make sure the business name that appears on the cardholder’s statement is a name that your customer will recognize.
- Provide a local or 800 number on invoices and receipts for customers to contact you directly with purchase questions and concerns.
- When a customer is due a credit and the original sale was made on a card, process the credit back to the original card number – do not refund by cash or check. If credit is due on more than one sale, process each credit individually.
- When possible, avoid taking credit card numbers over the phone. Encourage customers to come in to the store and swipe their credit card.
- Always check the identification of the cardholder – do not accept a borrowed card
- Never accept an expired card.
- Compare the signature on the sales receipt to the signature on the back of the customer’s card and driver’s license.
- Verify that the number on the screen matches the embossed number on the card.
- Obtain customers’ full billing information such as the name of cardholder, billing address, and billing phone number.
- When prompted, enter the cardholders address or zip code, this is known as Address Verification Services (AVS).
- Enter the three or four digit code on the back of the card.
- Document clear return policies and terms and conditions on your website or invoice.
- Use shipping that is able to provide proof of delivery to the billing address should there be a dispute.
- When shipping high price items, request a signature for the merchandise to be released to the buyer.
What is EMV?
EMV is the best available technology for validating cards and cardholders. It makes the card virtually impossible to copy, thus reducing the possibility of accepting counterfeit cards.
The chip embedded in the card stores cardholder data and creates a unique value for each transaction. This dynamic authentication makes each transaction unique and more secure.
Important benefits of adopting EMV payment technology for your business include:
A chip card-enabled terminal validates the card and the cardholder authenticates that they are the card owner while the card is still in the credit card terminal.
Security features built into the chip reduce lost, stolen and counterfeit fraud. Unlike traditional magnetic stripe transactions, the EMV credit card terminals and chip-enabled cards work together to validate the card and cardholder.
Reduce Financial Liability
Since the Oct. 2015 liability shift, merchants that are unable to support chip cards have been held financially responsible if a fraudulent transaction occurs.