Preventing Credit Card Processing Fraud Online and Off
While it would be nearly impossible to eliminate all on line fraudulent payments, there are steps that on line businesses can take in order to keep fraudulent activity to a minimum. If you are accepting on line payment for your business, here are some tips to help you minimize your losses due to fraud.
Choose A Trustworthy Credit Card Processing Company
First and foremost when it comes to protecting your customer’s card numbers you need to make sure you choose a reliable credit card processing company. You want to make sure that you choose a company that has a solid reputation in the industry and does not have a history of identity theft or defalcation. Bottom line, before signing on with a company do some research and make sure they are legit.
Protect Your Software Systems
Security is critical if you are going to protect your customer’s information. Make sure you invest in top notch security protection software and update it on a regular basis. Hackers know how to get through vulnerable areas and this is something you will want to make sure you prevent at all costs. Are you PCI compliant?
Don’t Store Credit Card Numbers
Too many businesses today store customer’s credit card numbers and this could be a costly mistake. Storing credit card numbers is not a good idea as savvy hackers very well could find a way to break into your system. While it might be a convenience for your customers to be able to shop over and over from your website for example, without having to reenter their credit card number, it is not a wise business choice to make. As soon as you no longer need your customer’s account number you need to destroy it. If you do decide for one reason or another to store numbers make sure that they are encrypted.
Reduce Employees Access To Customer Financial Information
When at all possible restrict your employees from having access to your customer’s card numbers and other personal information. Even an employee who seems totally trustworthy may not be. It is better to be safe than sorry.
Make Sure Your Transactions Are Secure
Your credit card processing company should have software installed that protects all of your credit card transactions. Whether you are processing cards in your store, with mobile machines or on the internet you want to make sure your processing company has in place software that will ensure that all transactions are secure.
Protect Your Company From Spammers
Finally, if you send correspondence to your customers via email you will need to take additional precautions to ensure spammers do not gain access to your email database. Spammers have been known to get a hold of email lists and send out emails to people saying that they need to verify their account and unknowing individuals could be susceptible. As an additional precaution you should let your customers know that you would never ask them for personal information in an email.
Online Security Tips
1. Ask for CVV2 – the three or four digit code on the back of credit cards helps verify that a customer has a credit card in their hand at the time of placing the order. Requiring CVV2 codes for credit card processing has reduced fraud-related chargebacks in numerous studies.
2. Always ask customers for their phone numbers and then verify the area code matches the customer’s address. If it doesn’t, call the customer to verify the order.
3. When the customer does not give the same billing and shipping address, be weary. Most times this will probably be because they are sending the item as a gift, but you still may want to contact the customer to verify, especially if they give a shipping address that is out of the country.
4. Watch out for suspicious orders. If a customer orders a super high amount of a particular item this should raise a red flag. Also, if an order is much larger than a typical order for your business, you may want to question it. Finally, if someone orders multiple items on multiple credit cards all shipped to the same address or if a customer places multiple orders in a short time frame you should take precautions. In any of these situations you may want to contact the customer to confirm the orders and to verify their identity.
5. Always use your credit card processing company’s address verifications services. This service is able to verify that the information you receive from a customer actually does match up with the credit card being used.
6. It does not hurt to check and verify IP addresses from where the customer order is being sent. The red flag to watch out for here are IP addresses that are international and originate from areas that are known for a high rate of fraudulent activity.
7. Watch out for emails that are untraceable. If the email address used when placing an order is untraceable ask the customer to verify with an email address that is traceable to their location.
8. Make sure that you have an anti fraud policy and make sure that it is clearly displayed on your website. Include in your policy that you will prosecute those who participate in fraudulent activity to the fullest extent of the law.
9. Reserve the right to verify identity of your customers.
10. When in doubt contact the issuing bank to verify the credit card account before you ship out the customer’s order.
11. Check with your payment gateway company to see if they have any other tools that you can install in your payment processing to help keep down fraud. Many companies do offer additional protections and you will want to make sure that you are using them.
12. We wary of orders outside the United States – international addresses aren’t verifiable by the AVS, which means a significant number of fraudulent transactions take place to cardholders outside the United States.
13. Require Card Expiration Dates – requiring every internet or phone order provide their card expiration date minimizes the potential for unauthorized use of credit cards.
Offline Security Red Flags
1. Delayed responses or hesitation: when you ask a customer for personal information like how to spell their last name, street name, or their zip code – it’s often a sign that the person is using someone else’s identity and has to look up the information.
2. Different ship to address: while sometimes having items shipped to another location is perfectly acceptable, whenever the ship to address is different from the billing address, it’s a transaction that deserves a closer look. This is true also if someone requests their items are shipped to a post office box or an office instead of the bill to address.
3. Rushed orders: people who are in a hurry can sometimes be a red flag for fraud. They want to obtain merchandise before they’re caught using someone else’s credit card, and then resell it quick.
4. Random or oversized orders: if a customer doesn’t seem to mind if you’re out of stock on a particular item and simply orders a new one without much thought; or the sale is for an unusually large amount (particularly for a first-time customer), beware. These are signs of fraud.