When you’re running a small business, every penny counts toward the bottom line, which means every business move involves a calculated risk. Even something as simple as accepting payment from a customer entails a risk: credit card fraud.
Make a big-ticket sale to the wrong person, and you may get hit weeks later with a costly chargeback. Set up an eCommerce site to broaden your customer base, and you’ll increase your exposure to payment scams. Whether in person or online, impostors with fake credit cards or stolen numbers can cause real financial damage — in lost merchandise, wasted shipping costs, and wages for staffers who have to sort out the mess. And the nation’s merchants are hit the hardest: As of late 2015, half of the world’s credit card fraud took place in the U.S., according to the U.S. Small Business Administration.
Fortunately, you and your team can minimize your risk of running into trouble. Here’s how.
1. Take advantage of technology.
MasterCard, Visa and other card issuers are harnessing anti-fraud technology to clamp down on illegal transactions. There are steps you can take now:
- Upgrade your point of sale terminal so it can process EMV chip cards. EMV cards, which contain an embedded memory chip for better security, have long been in use overseas, and now many U.S. issuers are switching to them as well. To spur their adoption, fraud liability rules were changed last year; now any merchant who processes a fraudulent credit card transaction without using up-to-date EMV readers may have to absorb the resulting losses. Speaking of equipment, note that most U.S.-issued credit cards use signatures for verification, though processes may vary depending on your system. If you use portable devices to process payments, Square and similar companies offer plug-in EMV chip readers for smartphones or tablets.
- Use address verification services. Offered by Visa, MasterCard, Discover, American Express and others, these automated processes match a customer’s billing address with the information the card issuer has on file to confirm the purchaser is bona fide.
2. Focus on the details.
A scammer who comes to your store and pays with a credit card (in what issuers call a “card-present” transaction) will likely have committed either identity theft or forgery. The identity thief may have gotten the card by stealing a wallet, intercepting mail or picking up a card after it was accidentally left behind. You can thwart the thief by paying attention to:
- The card’s expiration date. A card that’s expired might have been thrown out by the cardholder and stolen from the trash.
- The signature panel. Make sure the back of the card has been signed, and make sure that the card signature matches the one on the receipt.
- The customer’s face. Ask to see a piece of government-issued identification.
Meanwhile, a counterfeit card will reveal itself by lacking one or more of the widely used anti-counterfeit features, such as holograms and logos that can be read only under UV light. Other signs of fraud include:
1) The magnetic strip on the back. Is there a strip? Is it undamaged? Can your payment device read it?
2) The embossed numbers. Do they look irregular, mismatched or unevenly spaced?
3) The account number (if there is one) on the back of the card. Do the digits on the back match the ones on the front?
4) The signature panel. Is it the usual size? Does it have a printed background design or watermark? Is it embedded in the card?
3. Be skeptical about unusual situations.
For online or phone orders (also known as “card-absent” transactions), swindlers may try to pay using fake or stolen card numbers. Since some of the anti-fraud measures listed above just aren’t feasible, so you’ll want to take a few extra steps, especially if the transaction involves something out of the ordinary. Visa’s list of suspicious circumstances to look out for includes unusually big or costly orders, an overseas shipping address, the need for overnight or unusually fast shipping, multiple shipping addresses, and a request to have payment split between multiple cards.
- Collect as much information as possible about the customer and the card. Your order form should require the full card number, the expiration date, and the CVV2 (Card Verification Value 2), as well as the user’s phone number and email address. If possible, ask the customer to identify the bank that issued the card. If anything seems suspicious, you may be able to contact the bank to see if the phone number in its records matches the one provided by the purchaser.
- Record the time and date of transactions in case you need to follow up with the bank or the actual cardholder.
- Match billing and shipping addresses. Granted, a mismatch doesn’t always signal wrongdoing; sometimes the purchaser is sending the merchandise to someone else as a gift. But it’s unusual enough that it should give you pause.
- Don’t direct any payment to a third-party vendor or unfamiliar shipper. Sell only the merchandise you already have in your inventory, and rely on shipping companies you already know and trust.
Don’t delay putting credit card anti-fraud measures in place, because fraud levels continue to rise each year. Credit reporting agency Experian notes that by mid-year 2016, eCommerce fraud had risen about 15% over 2015 levels. Be safe; don’t be a statistic.
Try Lightspeed Omnichannel for free
Sell anywhere, anytime with the only all-in-one solution on the market.