A self-help primer for merchants fighting card fraud on the
front lines
Criminals are always looking for the weakest link. The
unlocked door. The sleeping security guard. The unsuspecting target of an email
phishing scam.
Illustration of man in mask reaching through computer and
man with shield and sword fighting credit card fraud on the front lines
The good news is that advances in credit card security
technology have dramatically reduced fraudulent credit card use in-store. The
widespread adoption of EMV chip systems save merchants and consumers billions
from counterfeits and unauthorized card use. Reinforcing this new wave of
security infrastructure, credit card processors and financial institutions
continuously monitor merchant accounts to detect signs of fraud, stopping them
before they occur.
But technology is only one part of the puzzle. Human error
at the point of sale continues to be a thorn in the side of merchants.
“Card-present” in-store credit card fraud remains a costly menace to businesses
worldwide. When employees at the point of sale aren’t trained to detect common
fraudulent practices, criminals see a wide open door to your back pocket.
Learning to detect the warning signs of fraud will help
protect your business by reducing your risk of card fraud liability. These six
best practices to avoid credit card fraud offer a baseline that can be
integrated into your own policies and procedures to help secure the point of
sale for your business.
Because nobody wants to be the weakest link.
Best practice #1. Accept cards only from the authorized user.
There are no “borrowing privileges” with credit and debit
cards. If doesn’t matter if it is the wife or husband, daughter or son: The
only authorized user of any credit or debit card is the person whose name is on
the front and signature is on the back of the card. “Letters of authorization”
for use of a credit card are not valid, even when accompanied by the best of
intentions. By accepting payment without validating ID, you may be liable for
any chargeback in case of fraud.
Simple due diligence that takes seconds can save you time,
money, and headaches down the road.
Two hands reaching for a credit card with the text Credit
and debit cards don't have borrowing privileges
Best practice #2. Accept physically damaged cards at your own risk. Or
safer yet, not at all.
A common card-present fraud scheme occurs when cards are
presented that are defaced so that they cannot be read by either magnetic strip
or chip readers. Counterfeit cards are often damaged as pretext to bypass their
anti-fraud features. If you have an electronic point-of-sale terminal, swipe or
dip every card that is handed to you, no matter how damaged or worn. Be wary of
customers who let you know right away that their card won’t read.
It’s your business, and therefore your right to simply ask
for another form of payment, or to decline the transaction rather than manually
key-in information from a damaged card.
Best practice #3. Beware of fraudulent merchandise returns.
The National Retail Federation estimates that in 2017, 10.8
percent of all merchandise returns in the U.S. were fraudulent. Whether the
return of stolen merchandise, employee return fraud, or the use of counterfeit
receipts, return fraud remains a clear and present danger to merchants.
Handling legitimate returns is an important customer service
function. Criminals know this and see it as a weak link they can exploit. Your
company’s return policies need to be transparent to all parties, and designed
to protect all parties. With a little upfront effort, you can seamlessly
deliver on the legitimate return needs of your valued customers while staying
vigilant in the fight against criminal fraud. If something seems amiss with a
return, put on the brakes.
Small preventative investments in common sense procedures
and the people that implement them will pay off big in reduced chargebacks from
fraudulent returns. Making sure that your return policies are fully transparent
to both your employees and your customers will minimize this risk.
Best practice #4. Know your outliers: understanding the
how’s and whys of payment red flags.
Woman on phone to avoid credit card fraud contact your
processor to alert them of payment transactions that fall outside the typical
transaction amount
Nobody knows your business as well as you do. When it comes
to the payments end of your business, credit card processing companies can also
identify red flags. Credit card processors continuously monitor your business
transactions for fraudulent activity, partnering with merchants to learn the
payment patterns of your business.
If you need to perform any transaction that is out of
character for your business, give your processor a call first. If you are a
restaurant that typically does $30 swiped or dipped transactions, call your
processor before you manually run a $5,000 sale for a catered wedding. If
you're going to run an unusually large transaction, call ahead to let processor
know what you're doing.
Understanding why payment red flags are raised will help you
manage legitimate transactions that fall outside your regular business
patterns.
Best practice #5. Don’t be bullied: Reasonable exceptions to
“the customer is always right.”
As merchants fighting to grow our businesses, we live in a
mindset where the customer is always right.
But there are very appropriate limits to customer
infallibility. A no-tolerance policy for customer bullies is important on a
number of fronts. Bullies are not just a nuisance to your hard-working staff,
and they are not nearly limited to those committing fraud. But criminals will
often intimidate a cashier by causing a fuss at the point of sale. Criminals
will try to rush the purchase with the goal to produce to improper checkout,
complain about the service, or anything to keep the cashier’s attention off the
authorization of the credit card.
Don’t be intimidated by bullies. Empower your employees to
always make sure the correct procedure is followed when authorizing every
credit and debit purchase. Bullying behavior may not necessarily be a
smokescreen for fraud, but it is a red flag.
Best practice #6. A merchant lifeline in cases of suspected
credit card fraud: Code 10
Whenever you encounter doubts about a credit or debit
transaction, as a merchant you have a trusted recourse: calling in a Code 10 to
your credit card processor. A Code 10 allows you to call for an authorization
without the customer becoming suspicious. If the card center determines
something is amiss, he or she will deny authorization.
Man looking at POS terminal with text Code 10 is a type of
authorization request used by merchants with the card issuer to discreetly
notify the issuer of possible suspicious card activity without alarming the
customer
Any time fraudulent activity is suspected is the right time
to call in a Code 10. Be aware of cards that don't swipe or dip and check these
cards for other security features. If a card does swipe or dip, make sure the
card number and the number that appears on the terminal match. If there is no
Bank Identification Number (BIN) above or below the first four digits, that’s a
red flag. If the name on the card does not match the signature or there is a
misspelling, that’s another red flag, call in the Code 10.
A Code 10 can be used any time you feel a transaction may
not be legitimate.
Due diligence still matters, even in the age of
“frictionless commerce.”
The age of the enabled consumer with perpetually rising
expectations poses a constantly evolving set of challenges. Merchants seek to
provide “frictionless commerce” by serving the needs of our customers wherever
and whenever they are, instantly, before they gravitate to the competition.
In the rush to provide our empowered customers the best
possible service, merchants can unwittingly make themselves vulnerable.
Avoiding credit card fraud requires merchants to think about balance. Smart
merchants invest in procedural guardrails by training those who operate
point-of-sale transactions to spot the red flags of fraud.
Due diligence matters when it comes to your money. Following
these best practices will help take the target off your back by ensuring that
your business is not the weakest link.
#paymentgateway #paymentgatewayintegraion
#paymentgatewaysyariah #awepay #newinnovations #paymentgatewayberlisensi
#bankindonesia #PaymentGateway #paymentsolutions #solution #Business #needs
#htl #malaysia #website #responsive #designing #development #deployment #user
#design #performance #theme #ecommerce #email #emailsupport #technical #support
#businesssupport #applicationdevelopment
Comments
Post a Comment