Preventing fraud
Protecting revenue is vital to your business. The increase in fraudulent payment activity is one of the most critical issues facing business owners today. While you can’t eliminate fraud, there are steps you can take to help you prevent it, no matter how and where you accept credit card payments.
Following is a list of tips we’ve assembled to assist you in recognizing fraud attempts and thereby reducing the revenue losses, product write-offs and fee expenses transaction fraud can entail. In addition to our own tips, the individual payment brands have best practices and guidelines that may benefit your business.
Tips to avoid fraud in-store
In-store, face-to-face transactions provide opportunities to build customer relationships. Unfortunately, brick and mortar locations also provide unique opportunities for enterprising fraudsters, opportunities that your investment in proper technology, consistent hardware and software maintenance and employee training can short-stop.
Protect your POS equipment and its placement
- Track your POS hardware and serial numbers
- Routinely inspect credit card terminals and PIN-entry devices to confirm serial numbers and ensure there are no signs of tampering
- Use secure stands, tethers, or security cables to prevent equipment "swaps"
- Check the retail environment for unauthorized hidden recording devices
- Install security cameras
Train your staff on POS equipment tampering prevention
- Help employees recognize the noticeable signs of equipment tampering
- Validate the credentials of all POS equipment service and repair technicians
Work with your vendors to manage your POS equipment
- Alert your third-party contacts of any vulnerabilities related to remote access to the POS
- Require your vendor to secure and maintain your POS systems in accordance with the Payment Card Industry Data Security Standards (PCI DSS)
- Implement the following security practices to mitigate your risks of fraud from remote access to your POS:
- Disable remote access from the Internet or turn it on only when necessary
- Only use remote management applications that offer strong security controls
- Use the most current version of a remote access product or service
- Always change the system (or manufacturer) default passwords
- Restrict remote access credentials only to third parties who need access
- Enable data encryption and logging features on your network
- Implement a hardware-based firewall with advance security features
Tips to avoid fraud in online transactions
Keep your transactions flowing smoothly and protect against card-not-present fraud with the help of the following products and services:
- Address Verification Service (AVS) — Reduces the risk of accepting fraudulent transactions by verifying the cardholder's billing address, which is on file with the card issuer
- Card Security Verification — Compares the card security value, non-embossed 3- or 4-digit numeric code on the credit card, with the issuer's value on file. Credit card verification programs are offered by the major payment brands and are known as CVV2 (Visa), CVC2 (MasterCard), CID (American Express) and CID (Discover Card)
- Payment Brand Data Security — Support to assist you in complying with Visa’s Cardholder Information Security Program (CISP) and Mastercard’s Site Data Protection Program (SDP)
For more detailed information on the above, visit:
- Payment card account verification codes: card & address
- Visa's CISP Data Security Standard Explained
- Mastercard Site Data Protection (SDP) Program | PCI DSS Compliance
Tips to prevent and manage disputes (chargebacks)
The term "chargeback" describes the process that occurs once a customer “disputes” or refuses to accept responsibility for a charge on his or her credit card. Disputes may not only result in lost revenue. They can also take valuable customer-facing time away from staff and penalize your business with higher transaction fees if the number of chargebacks becomes excessive.