With the growing expansion of credit card use across every industry, the level of credit card fraud has also increased. For businesses, the consequences of a fraudulent incident can be devastating, often resulting in direct financial loss, reputational loss with customers, legal costs and distraction from core business practices. There are many types of credit card fraud that affect businesses – below are some of the most common fraud issues facing businesses and steps that can be taken to mitigate these risks and avoid credit card fraud.
Stolen Card/Identity Theft: Card information is stolen and used to illegally purchase services or products. Typically, a business is notified of the fraud when the true cardholder initiates a chargeback after notifying their bank of a stolen card; however, this is after the product has left the store or has been shipped.
Solution: In this situation, the best preventative measure is to know your customer. Businesses should flag orders that seem unusual, including large orders, international orders and orders made using several different credit cards. When the credit card is not present, businesses should always conduct Address Verification and Card Security Code validation.
Employee Perpetrated Credit Card Fraud: There are many types of employee perpetrated fraud; however, a common occurrence of this type of fraud occurs when an employee has access to credit card systems or processes refunds using their personal credit card. In essence, the employee is draining funds directly from the company’s bank account.
Solution: Businesses should ensure that only authorized employees have access to credit card systems, require password protection for processing refunds and change these passwords periodically. Additionally, businesses can reconcile bank accounts daily to catch these issues immediately.
Credit Card Data Compromised: This type of fraud is most covered in the news because it affects a large number of people at one time and can be devastating for the reputation of a business. This fraud typically occurs when a point of sale system, website or other system that stores credit card information is “hacked.” In these cases, the sensitive information from many credit cards can be stolen at once. The business may be liable for excessive fines and devastating exposure in their community.
Solution: Ensure the business maintains their PCI DSS Cardholder Security Certification, including system security scans and policies and procedures. Upgrading to EMV technology can also help mitigate risks associated with this type of fraud.
Freight Forwarding Scam: In this scheme, an order is made with a stolen credit card – many times, the caller is from a foreign nation. The fraudster calls the business to request shipment via a preferred freight carrier or logistics operation. The fraudster then authorizes an increase of their payment on the often stolen credit card to cover shipping charges. The business contacts the carrier who requires the shipping costs be paid upfront via wire transfer; however, the carrier is not a valid entity. Typically these orders are large and enticing – so much so that the salesperson may bypass internal procedures to capture the sale.
Solution: Never wire money associated for this type of shipment arrangement. Only use shipping companies known and trusted by the business. Businesses should be willing to walk away from a risky sale, especially if the sale originates in a foreign country.
MSP Consulting advises businesses on the above fraud risks and more and have generally found there to be a lack of advocacy for businesses as it relates to the safest methods of accepting credit card payments. By knowing these common fraud techniques and adopting procedures to mitigate fraud risks, businesses can be better prepared to avoid the significant impacts of experiencing credit card fraud.