With the growth of card chip technology, fraudulent card purchases at the point-of-sale (POS) may decrease.
But how do you protect your business from “card not present” fraud that may occur with online sales?
There is no single source for such fraud. Perpetrators of card not present fraud may include individuals or criminal rings located in other countries.
In the latter case, the degree of sophistication in perpetrating such fraud can be impressive. Criminals routinely steal and sell lists of credit card numbers, some with a surprising amount of associated information.
Fraudsters then create counterfeit cards to purchase costly items that they can resell at a discount on the black market. Items that are fraudulently purchased may include electronics, jewelry, and cigarettes. Others include specialty clothing such as high-end athletic shoes and even bridal gowns.
But no matter how the fraud is committed, your business could be at risk for substantial losses caused by “card not present” fraud. Here is how to reduce the chance that your business becomes its next victim.
Start with the basics – Even in today’s sophisticated world of fraud prevention, sometimes the simplest things work best. For instance, when a significant credit card charge occurs, contact the issuing bank and ask it to make a courtesy call to the customer to make sure that it is a legitimate transaction.
Use address verification – A “must-do” step in protecting your business is to request both the billing and shipping address for card purchases. Once obtained, and before the transaction is processed, use an Address Verification Service (AVS) to make sure that the billing address provided agrees with the billing address that is on-file with the issuing bank.
Always get a security code – Obtaining the three or four digit security code on every credit card should be done for every card transaction you process. Unless a fraudster has a lost or stolen card in-hand, this number cannot be obtained from the card’s magnetic stripe or chip, rendering the card useless for fraudulent purposes.
Be wary of foreign shipments – Because it is much harder to verify foreign addresses, you may want to insist on advance payment where foreign shipments are concerned. As chip cards gain wider use, criminals may put greater efforts into “card not present” fraud.
Set rules for declined transactions – Criminals may use software tools to submit many credit card numbers in rapid succession, hoping for success. Once a pre-set number of attempts are made, establish pre-set business rules to lock them out of your system.
Update your software – Keep all software up to date with required security fixes and patches, and be sure that you are using the most recent versions.
Use risk-based rules – Fraudsters may attempt to hack your business in multiple ways. Some will inundate your site. Others may place a large order immediately following the card being validated or tested. Some may just be seeing what, and how much, they can get away with.
With it, a merchant can set the maximum number of card attempts that they will accept. In short, minimizing “card not present” fraud involves constant efforts to try to stay one step ahead of criminal intent on getting something for nothing from your business. Don’t give them the satisfaction.
At PNC Merchant Services®, we realize that businesses in various industries accept customer payments in different ways. That's why we have developed a wide range of payment processing solutions designed for specific industries. Learn about our industry solutions.
Please contact us at 1-888-235-6959 if you have any questions or need any assistance.