Credit Card Fraud Prevention Tips for Your Business
There’s good news – and not-so-good news – for businesses that accept card payments.
The good news is the EMV chip cards, which were widely adopted in the United States a few years ago, have helped reduce credit card fraud at the point-of-sale (POS). The not-so-good news is that fraud involving card-not-present (CNP) transactions is on the rise. And losses from CNP fraud, which typically occurs when customers buy online or pick up online purchases at a store, usually fall on the shoulders of the business owner.
There are several ways to reduce your exposure to this type of fraud. Many involve developing better ways to authenticate online shoppers.
Your ongoing challenge will be to make it as easy as possible for customers to complete their purchases without also inviting criminals to exploit your vulnerabilities. Here are just a few tips for deterring this type of fraudulent activity.
1. Don’t expect credit card companies and processors to stop all fraud.
While they do take many precautions, you should plan to perform additional checks after a card processor approves an order. This is also why maintaining your PCI compliance should be a priority.
2. Watch for strange patterns.
Most e-commerce software can be programmed to flag suspicious purchase patterns. For example, you might watch for orders with an extra-large quantity of a single item or multiple orders to the same address using different credit card numbers. That’s especially true if the credit card numbers are very similar, which suggests they may have been stolen from an online source.
3. Consider flagging purchases with different billing and shipping addresses.
If a stolen credit card number is used, the scammer may use a phony billing address. Also, be wary of shipping to a re-mailing service that might automatically forward your packages. If the billing and shipping addresses differ, you might request phone numbers for both addresses, charge an extra fee to require a delivery signature or require advance payment by cashier’s check or money order.
4. Address fraud on your website.
Indicate on your website that you have anti-fraud safeguards in place and will report all fraud to the FBI Internet Crime Complaint Center (IC3) – and then follow through. Also state on your website that you may contact customers directly if there are any problems with their order.
5. Call your customer.
Fraudsters rarely share their real telephone number because they don’t want to be contacted or traced. Instead, some will submit the phone number of the person whose credit card was stolen. If you suspect fraud, you can call that number and learn whether or not the card holder authorized the charge. If they did not, you can suggest they call their credit card company to report a stolen card. Calling customers not only is a great way to detect fraud, it can also be a valuable way to welcome customers and develop strong customer relationships. It’s an easy call to make and customers will appreciate you taking an extra step to ensure their security.
6. Develop alternate ordering procedures for international customers.
International sales can be an important part of your business. Because it is difficult to retrieve goods once they have left the country, it’s important to have safeguards in place to identify fraud before orders are shipped. Your bank or credit card processor can provide lists of high-risk countries. For international orders, one strategy is to ask customers to contact you by phone or email for shipping costs. Alternately, your ‘thank you’ page might explain that the purchaser is required to send a photo of the credit card or a copy of the credit card billing statement for verification prior to shipment. Additional steps like these can deter scammers who are anxious to complete a purchase before card number theft is identified.
7. Develop a fraud-scoring system.
In the U.S., most fraudulent purchases are made between midnight and 2 A.M. Does this mean that a purchase made at 1 A.M. will be by a scammer? No. But if that purchase is also for a particularly high dollar amount or originates from a high-risk country, the chance of fraud increases. You can develop a system that assigns points for different parameters in a transaction, from the amount of the purchase, to the length of the customer’s purchase history. You can then create a scoring model that can be used to score and flag suspicious orders for review before processing.
8. Implement a delayed shipping policy for suspicious orders.
An order confirmation email can explain that additional checks or holdovers are sometimes necessary to reduce fraudulent offers. Such notifications may result in order cancelation by fraudsters who know that most credit card theft is reported within 24 hours. Be wary, too, of large orders requiring immediate or overnight delivery. If you proceed with these sales, require a signature upon delivery to prevent a scammer from using an innocent person’s address as a drop-off point.
9. Watch for ship-to-store order fraud.
Many online retailers now give their customers the option of having orders shipped to a brick-and-mortar store for pickup. Be aware that fraudsters like this option, given that they don’t have to provide a shipping address. Your in-store or curbside pickup process should involve confirming all order information, including a review of the credit card and CVV2 validation used for the purchase.
Those who commit credit card fraud prefer anonymity and speed so they can get away with their stolen goods before they are caught. Your job is to thwart their efforts while not frustrating your legitimate customers. It’s a delicate balance, but absolutely critical to your success.
- 5 ways tech tools can save time for your business
- Brand Impersonation: What it is and how to avoid it