If you operate a retail or e-commerce business, accepting all major credit cards and electronic checks is a required method of customer payment. However, when deciding to accept electronic payments, business owners must also consider the potential cost of fraud. Studies have shown that traditional and online merchants have lost billions in fraudulent transactions. Today, technology provides proven methods to identify and prevent fraudulent transactions.
Fraud can take many forms. It goes without saying that fraud is bad for business. If you process a fraudulent customer order by the time you discover your credit card was stolen, you’ve already shipped the product. Fraudulent orders usually result in a chargeback from the customer’s credit card to your business. Unfortunately, by that time you already delivered and lost your product, you lost the income from the sale and to top it off; you will receive a chargeback fee from your credit card processor. I’m sure we can agree that there is a great need to identify and stop a fraudulent order before your product is delivered. Fortunately for the merchant, there are many steps and processes that can be implemented to reduce and eliminate credit card fraud.
10 WAYS TO REDUCE CUSTOMER CREDIT CARD FRAUD
1. Address Verification Service (AVS) – is a simple and easy process to implement to decrease your chances of accepting a stolen credit card. When you process a credit card transaction; be sure to enter the cardholder’s billing address and zip code. Manual non-swipe transactions (Internet and MOTO) will require you to enter cardholder information. However, card present (swipe) transactions will not. Once you enter the cardholder’s billing address and zip code, you’re ready to process the sale. Your POS system will verify AVS with the card issuing bank. You can receive a street address only match, a ZIP code only match, or a street address and ZIP code match. If you do not receive an AVS match, you should consider rejecting the transaction. Approximately 80% of fraudulent transactions in the US are AVS mismatches. Please note that most AVS systems are configurable, so be sure to check your AVS settings. Implementing AVS can have a big impact in reducing credit card fraud.
two. Card verification (CVV/CVV2) – is similar to AVS. CVV is the 3-digit code on the back of a credit card (4 digits for American Express). Like AVS, CVV is entered at the point of sale. The cardholder’s CVV code is verified by the card issuing bank when the credit card sale is processed. If you do not receive a CVV match, you should consider rejecting the transaction. Online merchants must make CVV a required field.
3. Use a threshold management service – Threshold management allows the merchant to set parameters for the transactions it will accept. For example, transactions can be filtered based on the amount of money charged per transaction, the number of transactions charged, the frequency of the transaction, the average user ticket, etc. Transactions that are flagged as a possible fraudulent transaction will require additional review by the merchant. Threshold Management services are often available as an add-on service.
Four. Browse orders for free email accounts – Scammers and thieves like to hide. One of the easiest ways to hide your identity from a thief is to use a free email account. Most fraudulent transactions use a free email service. Merchants should not reject all transactions from a free email service. However, you may want to provide those requests with more scrutiny.
5. Browse orders with a different shipping address than the billing address – The thief with the stolen credit card may have the owner’s billing address and zip code. If so, he will receive an AVS and CVV match on his order. However, to receive your product they will request that the order be sent to a different address. Merchants must review all orders with a different shipping and billing address. If shipping to the address is a foreign country, please pay even more attention to the order.
6. Scrutinize International Orders / Foreign Credit Cards – If your business model requires you to ship to foreign countries, you must obtain an international business account. Since non-domestic orders have a higher fraud rate than domestic orders, having an international merchant account will provide you with a higher level of protection. Additionally, an international merchant account will allow you to settle in the local currency. If you need a domestic and international business account, you must use a load balanced payment gateway. Load balancing provides the merchant with the ability to use multiple merchant accounts under a single payment gateway account.
7. Understand that an authorization code does not mean that the credit card will not be stolen – An authorization code is provided when the transaction has been approved. However, an authorization code simply means that the credit card is valid and has the credit available to process the transaction. Ultimately, as the business owner, it is up to you to decide whether to accept or reject the transaction.
8. Use an advance fraud protection service – Advanced fraud protection services allow the merchant to block transactions by IP address, country of origin and other fraud filters. Advanced fraud protection services are often available as an additional service.
9. Use a PCI compliant data storage service – Merchants that are required to store customer credit card data must use a PCI Compliant Data Storage Service. A PCI-compliant data storage service allows merchants to transmit and store customer payment information in a PCI Level 1 certified data facility. Once the customer record has been securely transmitted and stored, the merchant can initiate transactions remotely without having to directly access credit card or electronic check information. This process is carried out without the merchant storing the customer’s payment information in its local database or payment application.
10 Review and implement PCI policies (Payment Card Industry Standards) – Merchants can review the PCI standards online at pcisecuritystandards.org. If you’re using a PCI-compliant POS solution and don’t store payment data, you’re already in good shape. However, traders should contact their merchant account provider for more information.
Fraud prevention is a necessary activity for traditional and online merchants. Exposing your business to fraudulent transactions and high chargeback rates is bad for business and could cause you to lose your merchant account. The leading real-time payment gateway services provide advanced fraud protection tools. However, many fraud prevention techniques can be implemented at no additional cost.
Main real-time payment gateway services
1. Planetauthorize (US Domestic and International)
2. Authorize.Net (United States Domestic)
3. PlugnPay (United States Domestic)
4. Skipjack (US National)
5. Electronic Processing Network (United States Domestic)