To help protect your business, there are some steps you can take to identify and reduce potential fraud. We’ve provided some guidelines below to help you to avoid financial losses and chargebacks. It’s worth reading these carefully, and sharing with your staff.
Card Present transactions
- Chip and PIN payments are the most secure type of transactions. As the cardholder inserts the card into the machine, you don’t need to make visual checks of the card machine.
- Sometimes the cardholder’s signature is required as verification. Make sure that the person presenting the card is the genuine cardholder, and follow the prompts on your card machine.
Checking the card
- Always use the most secure method possible when processing a transaction (usually chip and PIN). This is to protect you, as if you don’t use the most secure method of payment, this could lead to a chargeback.
- Check that the name on the card matches the signature, and remember to check the signature panel for signs of damage.
- If possible, check the spelling on the card and on the sales voucher.
- Compare the last four digits of the card number to that printed on the sales receipt. This will allow you to identify a cloned card.
- Check for the special mark on the card using a UV lamp. If you place the card under the lamp, you should see a hologram.
Checking the cardholder
The title on the card should match the customer, and look out for the following as possible signs of fraud:
- The customer seems hurried or nervous.
- They insist on taking the goods immediately (e.g they are not interested in free delivery).
- The customer takes an unusual amount of time to sign, referring to the signature on the back of the card.
- The customer makes lots of additional orders in a short period of time.
- If a transaction is declined, the customer then requests a lower value authorisation attempt.
Checking the transaction
- The customer makes an order substantially greater than you would normally expect
- The cardholder does multiple contactless transactions so that they do not need to enter a PIN.
What to do with lost or unwanted cards
- Store the card somewhere safely on your premises until the end of the business day.
- If the cardholder returns to claim the card, ask for their signature and check against the signature on the card. Only release the card if you’re sure they are the cardholder.
- Destroy any unclaimed cards.
Card Not Present (CNP) transactions
Card Not Present (CNP) transactions are higher risk as you can’t check the card or customer. Any fraudulent CNP transactions are your liability and are likely to be charged back to you.
Detecting and preventing fraudulent CNP transactions
- If a customer has made a purchase via a CNP transaction, the goods should not be collected by the cardholder. If the cardholder does wish to collect in person, they should present the card to pay at the time of collection.
- Fraudsters may spend time building up credibility and then place a large order or make a request for goods or services outside of your usual trade, such as money transfers.
- Never dispatch the goods to anybody other than the cardholder, and be wary if the delivery/customer is overseas.
- Look out for:
- First-time customers placing multiple orders
- Multiple purchases of the same goods, purchased on the same card
- A high-value order that is easy to resell
- Customers who hesitate or make errors providing their personal information
- Customers who are more interested in quick delivery than the price of the goods.
Delivery warning signs
- Never dispatch goods to anyone other than the cardholder, and be wary if either address is overseas.
- Goods should only be delivered to the cardholder’s permanent address. If you agree to send goods to a different address, take extra care and always keep a written record of the delivery address with your copy of the card transaction details.
- Only send goods by registered post or a courier company, and insist on a signed and dated delivery note.
Instructions for your courier
- Never deliver to an address that is clearly unoccupied.
- Ensure goods are delivered to the specified address, not given to someone who happens to be outside. The courier should return the goods if unable to complete delivery to the agreed person/address.
- Obtain a signature as proof of delivery, preferably from the cardholder.
- If you have your own delivery service, consider training your driver to check the card.
Keeping your Point-of-Sale (POS) device safe
Although chip and PIN has helped reduce fraud, it’s possible for criminals to target your POS device. Stolen devices can be used to produce fake magnetic swipe cards to use abroad in countries where chip and PIN isn’t used. A criminal may even pose as an engineer to gain access to your POS device and fit it with a data capture device.
- Only allow legitimate engineers or Paymentsense employees to remove your card machine from the premises.
- Fixed POS devices should be placed in a position where the cardholder can’t be observed while entering their PIN, and not in the view of CCTV cameras.
- Staff should be trained regularly on POS security and should report any incidents that they feel could be a threat.
- Carry out simple checks each day to ensure your device hasn’t been damaged or modified without your knowledge.