By 2020, The Nilson Report estimates that credit card fraud will account for over $31 billion in losses to businesses. The Association of Certified Fraud Examiners published a separate report which shows that almost half of small businesses fall victim to online credit card fraud at some point. This makes credit card fraud a very real threat to both the profitability of your business and your reputation among your clients.
A major reason for businesses falling victim to credit card fraud online is a lack of knowledge and preparation. Being proactive in the fight against cyber-crime will dramatically decrease the risk of your business becoming another credit card fraud victim and increase trust among your clients.
Types of Credit Card Fraud Online
It is important to understand how hackers commit credit card fraud in the fight against it. There is a broad number of variations when it comes to online fraud. However, we can generally categorize it as follows:
Account Takeover Fraud
When trading online, many businesses offer clients the opportunity to create an account that stores their personal information, preferences, financial data for quick transactions, and purchase history. Hackers will often attempt to gain access to these accounts via phishing schemes such as trick emails used to discover a client’s username and password. The hacker can then log in to your client’s account, change personal information such as the password to lock the victim out of the account and make purchases from your business.
Identity Theft & Fraud
While all businesses who accept credit card payments online will have some form of security set up to protect the information of their clients, hackers will often find ways into the database. Once they have gained access, they can steal usernames, passwords, addresses, financial information, and other personal information stored by your business. The scammers will then either use the credit card and personal information to make purchases online or sell credit card numbers on the black market.
Protect Your Business & Prevent Credit Card Fraud
Knowing how hackers gain access to credit card and other personal information is only part of the solution. It is also important to understand how you can protect your business against these crimes. There are several steps you can take to prevent credit card fraud online:
1. Additional Verification
There are two verification systems that you can use to protect your business against online credit card fraud. The first is the Address Verification System (AVS). This tool is used by credit card companies and banks to compare numerical parts of a client’s address to the address on file at the financial institution. For example, a cardholder’s address may be 123 Main Street, California, USA 45678. The system will verify the digits in this address against the digits from the billing address placed with the order. Receiving a full match reduces the risk of fraud occurring from the payment.
The second tool is the Credit Card Verification Value (CVV). You are more than likely familiar with this already – the three- or four-digits that appear on the back of your credit card. These numbers are important because they are not stored on file along with a credit card number, cardholder’s name, and expiry date. This makes it next to impossible for fraudsters to use a stolen credit card online unless they have the physical card with them. Make sure you request a CVV number for every credit card transaction.
2. Insist on Tough Client Passwords
Hacking a password is much simpler today than a few years ago. Sophisticated programs are used to run through an incredible combination of letters and numbers in order to crack a password. These programs can run tens of thousands of combination per second and can crack simple passwords in minutes, providing access to a client’s account or business database. The best practice for avoiding this is to request tough passwords from your clients when they create an account. Secure passwords feature 8 characters including one capitalization and one special character. You can explain the reasons for requesting better passwords to your clients who will thank you for being honest and focused on their security.
3. Confirm Orders by Email/Phone
Checking and confirming orders is a great way to protect your business from credit card fraud. When you receive a new order, check the email address used to place the order. If it comes from a free service such as Gmail or Yahoo and looks out of place, it is recommended to call the client to confirm the order. If you have the manpower and time, confirming all orders via telephone before shipping out is highly recommended. You can also call the bank to verify the information received from the client prior to fulfilling an order. The best practice is to monitor transactions closely and use your gut feeling if something doesn’t feel right about a purchase. Taking a couple of minutes to verify a transaction can save a whole lot more time and money in the long-term.
4. Ensure Your Business is PCI Compliant
Security standards are set the Payments Card Industry which is designed to help and guide online businesses when accepting credit card payments. They offer detailed instructions on how to securely accept credit card payments, how to securely store cardholder information, and much more. Following their advice and rules is the most effective way to protect your business from online credit card fraud. You can read more about PCI Security Standards online.
5. Stay Up-To-Date On Credit Card Fraud Online
While the information provided in this guide is up-to-date, credit card fraud online is constantly evolving and changing. Cyber-criminals will stop at nothing to commit the latest acts of credit card fraud and are continually updating and upgrading their technology. Make sure you frequently check back for updated guides and keep abreast of the newest tactics employed by cyber-criminals. This is the best way to protect your business.
At EthosPay we provide specialized merchant services to help protect your business from online credit card fraud including Advanced Fraud Scrubbing, Secure Payment Gateway, and much more. Find out more about the range of merchant services offered by EthosPay by visiting our merchant processing services page.