Learning to recognize suspicious or unusual activity is the best prevention against online credit and/or debit card fraud. We highly recommend that you be vigilant in checking your merchant account statements for possible fraud charges. If you notice any transaction that looks in any way suspicious, we ask that you contact us immediately. We also recommend you read through the following prevention tips below to educate yourself and your employees on protecting yourself against credit and/or debit card fraud.
Retail/Brick and Mortar Fraud
Fraud can happen in many different and unexpected ways. Perhaps the biggest tip we can offer is that you do not make it a habit of “writing down” a customer’s credit card number on paper. With all the sophisticated tools available, all credit card information should be stored securely with your processor or payment gateway provider. We also recommend that you provide extensive training to employees in regards to suspicious customer behavior. While the behaviors below don’t always mean fraudulent activity, employees can be proactive in checking with your authorization company when they recognize these behaviors. The authorization company is always happy to ensure that a credit card is legit. Possible behaviors include:
A customer who is making a purchase without caring about the purchase. They don’t ask questions or even seem aware of what they are purchasing. They are just looking to get in and out of the store. Pay special attention to customers who hurry in at closing time and nervously try to hurry your employees through the sale.
Pay attention to where the customer stores their credit card. Almost all customers pull their credit card from their wallet or purse. This is naturally where we store credit cards. However, if you notice a credit card being taken from a pocket or other “unnatural” place, then pay special attention to the transaction for possible fraud.
Notice if a customer purchases a large item and refuses delivery. While this does happen, it can also be a sign that the customer wants to get the item out of the store and disappear as fast as possible.
If a customer takes time to slowly sign the receipt, this could be an indication of a forged signature. The employee has the right to verify that a signature on the receipt matches the signature on the back of the credit card or drivers license. Also check to make sure that the customer spelled their name correctly. These are small mistakes that many scammers actually make. All it takes is a cautious employee to notice these little clues.
Damaged cards are another possible indication of fraud. Many scammers will damage the magnetic strip on the back of a card so it cannot be swiped. This will force your employee to manually key in the card and will bypass many fraud protection services in place for a card that is swiped.
It is also important that your employees help to monitor the POS system within the store. Many scammers can grab information from the magnetic strip of a credit and/or debit card with a simple attachment that can be placed on your credit card terminal.
If your employees are suspicious about a card or a cardholder at any time during a transaction, make sure to leave the number of the authorization center in an easily accessible area so that they can call and confirm credit card information at any time, without hesitation.
There are many steps you can take to help prevent online fraud perpetrated through your e-commerce store.
Require the Security Code (CCV, CCV2)
Almost all the sensitive credit or debit card information is stored on the magnetic strip found on the back of the card. However, the security code is not stored on the magnetic strip, but on the back of a credit or debit card as a simple three-digit pin that is required to complete the verification process. (If the card is an American Express, then the code is usually found on the front of the card and is a four-digit code.)
If the information on the magnetic strip is stolen, it will be useless if you require a security code before processing a transaction through your e-commerce store.
Don’t Store Credit Card Information on Your Website
We can’t stress this enough! DO NOT store credit card numbers in the back-end of your e-commerce website. This information can be safely stored with your payment gateway. Most payment gateways make it seamless to hop off the website and then hop back on. Most of your customers aren’t even aware that they hopped off to a secure payment gateway portal. In the event that your site is hacked, the credit card information is safely stored on a separate secure server.
Use the Address Verification Service
We’ve mentioned this before, but the Address Verification System (AVS) is another effective safeguard against online fraud. The Address Verification System (AVS) is in place to ensure that the billing address matches the address on file for the credit card. If it is different, the credit card may be declined.
Restrict the number of declined transactions
Often times scammers will use code to repeatedly hit your website and try hundreds of different credit card numbers to see if any of them will be accepted by your store. To prevent this from happening, you can specify that credit card information can only be entered a certain number of times before the system will lock the user out. They will be unable to continue entering purchase information. While this helps prevent fraud an additional benefit comes from the fact that every time a card is declined, you will still be charged fees for that declined transactions. As you can imagine, over time with a scammer trying multiple times to guess correct credit card information, those fees can add up in a big way!
Review Multiple Orders Shipped to the Same address with Different Cards
If you notice that you have received multiple orders on your website going to the same address, but with different credit cards, that is a huge red flag. We highly recommend that you make sure these orders are legit before shipping them to your customer.
What to do If I Suspect Fraud?
If a fraudulent transaction occurs, we encourage you to immediately contact the following persons for assistance:
Your bank or payment processor
Your Local Police Department
Working together, these departments can help direct you towards resolving the fraudulent charges.