The advent of e-commerce opened a realm of new online opportunities for everyone, from small businesses to consumers, and unfortunately also to fraudsters.
Those wishing to commit credit card fraud prey on novice online business owners’ lack of awareness and experience with technology as they transition from brick and mortar operations to the digital world. Before taking your business online, be sure to take these simple and necessary steps to prevent falling victim to payment fraud.
Have Proper Record-Keeping of Transactions
Your online business should have organized records of all sales. As you reconcile these accounts daily, you should begin to take note of your customers’ buying patterns, and it will become easier for you to use your discretion to determine if a transaction is suspicious.
You should always keep a receipt or proof of delivery to prevent refund fraud – the case of a dishonest customer attempting to reclaim an item that they already received.
The more organized and thorough your records are, the easier it is for you to avoid fraudulent payments or prove that you are not liable for any fraudulent refunds.
Contact Customers to Validate Purchases
If you have the means of communicating with your customers via text messaging or email updates, be sure to let them know when you have received a payment from them for an item in your store. This way, they can be made aware of their credit card being used fraudulently without their knowledge.
Encourage Secure Passwords
If customers have to create an account to purchase on your website, have rigorous password requirements. The Payment Card Industry Security Standards Council found that 80% of hacking attacks could be prevented by strengthening passwords
Hackers use sophisticated programs that can run through all the permutations of a password, so it’s much easier for them to hack a simple one, like “password” or “1234”, than it is for them to hack a more complicated password. Best practices often call for at least an eight-character, alphanumeric password that requires at least one capitalization and one special character (for example, “P@ssw0rd!”).
Set Limits to Customer’s Daily Purchases
Based on the typical shopping patterns you observe over time, you can consider setting a reasonable limit to the total number of purchases and total dollar value you’ll accept from one customer in a single day.
Use the Address Verification System (AVS)
Address Verification Systems compare the numeric parts of the billing address stored on a credit card to the address on file at the credit card company. AVS is a fraud tool included in most payment processing solutions and is available with FAC for online merchants to apply as part of their order screening process.
Require the Card Verification Value (CVV)
CVV validates the security code found on the back of the credit card, which confirms that the purchaser has the physical card in hand. When credit card information is stolen online, the security code isn’t included with it, so it’s virtually impossible for fraudsters to obtain a credit card’s security code unless they’ve stolen the actual credit card. FAC includes a tool to require CVV as part of their checkout templates.
Restrict Employee Access to the Payment Gateway
As the owner of your business, you should be the master administrator of your website. This means you should restrict who has access to the payment gateway by controlling the permissions on your online portal. Your payment gateway company can help you with this. By limiting access to the payment gateway, you reduce the chance of employee fraud.
Although there’s always the possibility of fraud when conducting online transactions, by no means should you merely accept losing revenue and succumbing to chargeback fees as a cost of doing business online. By being proactive with these practices, you can significantly reduce your chances of an attack and keep both your business and your customers safe.