Reduce Your Risk of Online Card Fraud

Simple strategies for outwitting the bad guys.

Although new EMV technology should help reduce fraud for brick-and-mortar retailers, experts expect to see an increase in online fraud as fraudsters turn their attention to the web.

Fortunately, there are steps businesses can take to protect themselves.

Stolen Card and Identity Theft Fraud

Typically, a business learns about this type of fraud when cardholders notify their issuing bank of a stolen card. The business is usually out the cost of the product or service because it has already been shipped or provided.

How can you protect yourself?

Verify Card Verification Value (CVV) and billing address // Verifying a card’s CVV code and billing address helps to confirm the cardholder is actually the person authorizing the sale.

Eliminate guest checkouts // Online businesses should require customers to register and create a unique user ID and password. New customers can be monitored and even limited in their sales activity.

For instance, a repeat user in good standing may be permitted to ship to a nonverified address, while new users may only be permitted to have the option to ship to their verified billing address, until they build trust with your business.

Utilize fraud scoring procedures and systems  // One of the more robust fraud management tools for online sales is a fraud scoring system. These tools, along with internal procedures, can be implemented to “rate” each sale to determine risk level.

Fraud scoring systems use a wide range of input, such as IP filtering, geography filtering, sales thresholds (including the amount of sale and number of transactions), proxy detection and even social media information.

Compromised Systems and Data

This fraud typically occurs when a point-of-sale platform, website or other system that stores credit card information is hacked.

The business may be liable for excessive fines and devastating negative exposure in their community. Here are some mitigating steps.

Utilize end-to-end encryption and tokenization  // When both technologies are deployed, hacking becomes extremely difficult. Most payment solutions can integrate them into your point-of-sale or website.

Implement 3-D Secure  // Each of the major card brands has a 3¬D Secure solution: Verified by Visa, MasterCard SecureCode, American Express SafeKey, etc. These solutions are integrated into a business’s website and provide a safer, more secure online payment method as the actual card data is not entered on the website. The cardholder authenticates the sale by entering in their user ID and password, which act like a PIN.

The drawback to these 3¬D Secure technologies is it requires cardholders to register their credit card with the corresponding card brand’s solution.

International Fraud

Businesses must be especially cautious with international sales because the Address Verification System doesn’t work in most countries. For this reason, businesses are encouraged to do business only with known international customers. For new international customers, be sure to conduct proper due diligence on the legitimacy of the cardholder and the sale.