Credit card fraud costs businesses billions of dollars per year, and the bulk of these losses come from online transactions. Merchants usually have the most to lose in such instances – the consumer is considered the victim, and they can have the fraudulent charges reversed. But the bank doesn’t foot the bill; instead, the seller is held liable.
As a business owner, you want to minimize fraud losses for your company. Fortunately, there are steps you can take to prevent credit card fraud, as well as actions to mitigate the damage if you suspect or identify fraud.
What is credit card fraud?
Credit card fraud is when a thief uses stolen credit card information to make unauthorized purchases. It’s considered a form of identity theft, since thieves use a portion of the cardholder’s identity to carry out the fraud.
Here are some of the ways credit card fraud can happen.
- Card-not-present (CNP): This happens when a scammer steals an individual’s personal information and uses it to make a purchase online.
- Account takeover (ATO): Once a scammer steals a consumer’s personal information, they might contact the credit card company pretending to be that person. They then change the PIN or password so they have total control over the account.
- Credit card skimming: Skimmers are devices that steal the credit card information on the back of a card. Hackers will either sell this information or use it to make fraudulent purchases themselves.
- Stolen cards: Scammers will also steal someone’s credit card or intercept credit cards that come in the mail.
Credit card fraud is surprisingly common – in 2020 alone, nearly 400,000 Americans were victims of it, according to the FTC. That number will only grow as more and more consumers favor online purchasing. While it’s possible that any e-commerce fraud rules could mistakenly reject legitimate orders, implementing both automatic and manual fraud screening efforts could prevent your business and its customers from becoming victims of fraud crimes.
FYI: If you run a brick-and-mortar store, upgrading your credit card terminals to EMV technology is an easy way to cut down on in-person credit card fraud. These devices rely on chip card transactions, which are more secure.
5 tips to prevent fraud
All business owners, but especially those who rely on online credit card payments, should take the risk of fraud seriously and put measures in place that ensure their business is safe for them and their customers. Let’s look at five ways to help prevent credit card fraud in your company.
1. Educate yourself about the threats.
As noted above, credit card fraud comes in many different forms, so the first step is to educate yourself about the risks. Familiarize yourself with the most common types of credit card fraud and the warning signs associated with them. Watch out for these red flags:
- The customer purchases an unusually large order.
- The shipping and billing addresses don’t match.
- Multiple credit cards from the same IP address are used.
- The customer asks for rush shipping or has a lot of questions about how quickly you can ship an item.
- The customer gives a fake email address.
2. Use fraud protection services.
It may not be possible to eliminate online fraud entirely, but the right fraud protection services can help you minimize it. For instance, you can validate customer information by comparing it to databases maintained by Experian or Equifax. Address verification service (AVS) is another method that can help cut down on fraud. AVS authenticates the cardholder by comparing the billing address to the address on file with that customer’s bank.
You can also set your payment system up to automatically flag or outright decline transactions above a certain amount. You might also want to partner with a merchant services provider that offers chargeback protection. See our recommendations for the best merchant account services.
Tip: To keep your sensitive business data safe, update your payment software as often as the vendor allows. Neglecting software updates exposes your business to weaknesses that scammers can exploit.
3. Power up with data.
Another technique to verify shoppers’ identities is comparing the data provided to you with information publicly available on social networks like Facebook and LinkedIn. This approach is useful because while it’s easy to set up a new social media profile with a fake name or stolen identity, it’s difficult to create one with a long history. Plus, the information used is unlikely to match the name and email address of the customer they’re impersonating. Find a risk analysis service that integrates social media data for an added layer of protection. [Related article: How to Do a Cybersecurity Risk Assessment]
An additional way you can harness data for fraud prevention is to unify your customer data. In other words, connect your data sets on marketing and customer experience with your data on fraud. By aligning this information, you can use the customer data to verify purchase information, lessening the risk of false declines that wrongly flag a legitimate order.
4. Trust your instincts.
A common financial scam is one in which a scammer poses as a potential client. The purported customer might approach your business saying they want to pay for your services in advance. The catch is that they want to include an additional sum that you’ll then pay to a third-party subcontractor. For instance, they want to pay you $15,000 to build them a website, but they need you to pay their supposed photographer $5,000 from that money. This person is likely using a stolen credit card, so they want you to send the $5,000 to their bank before you realize the original $15,000 is fraudulent.
While it’s harder for online businesses to actually meet their customers, you can still form customer service relationships with them and get to know the purchase habits of your target consumers. That way, odd behavior and requests will stand out as departures from the norm. The bottom line is that if a proposed payment exchange sounds too good to be true, it probably is.
5. Put fraud procedures in place now.
Credit card fraud is unpredictable – you could experience zero incidents for weeks and then see a sudden spike in suspicious activity. That’s why it’s crucial to begin implementing protective measures now and make ongoing fraud monitoring part of your regular business operations. Don’t put off researching payment service and risk management providers who can help cut down on your risk of fraud, because every day that goes by is another day your business is potentially exposed.
Did you know? The best credit card processing providers offer anti-fraud tools, like AVS and voice authorization.
What should you do if you suspect fraud?
Of course, what if you put all of these procedures into place and your business and customers are still victims of fraud? If that happens, report the incident immediately to minimize the damage and try to recoup the stolen money. Contact your accounting department and your bank as soon as possible to let them know about the fraud. It’s worth reaching out to your credit card processor as well.
FYI: While e-commerce fraud is on the rise, so is m-commerce fraud – fraud via purchases made with a mobile device. You should adopt protective measures for your mobile app or store to lessen the risk to your business and clientele.
Report the incident to your local law enforcement and give them a record of any interactions you’ve had with the suspected scammer. Lastly, but not insignificantly, contact any customers who’ve been affected so they can take the necessary steps to protect themselves and recover their misused funds.
John Canfield contributed to the writing and reporting in this article.