Credit card fraud is certainly a hot topic and quite frankly, it has been ever since cards became a major form of payment. Consumers and merchants alike are growing increasingly concerned with fraud and rightfully so.
According to a 2016 Nilson report, losses due to fraud topped $24.71 billion worldwide, representing an increase of 12% over the previous year. Closer to home, 47% of the world’s credit card fraud happens on American soil, making the U.S. the most targeted country in the world. Additionally, 46% of Americans have been victim to credit card fraud in the past five years, according to the report.
So what exactly is fraud and ultimately, how can you protect your business from fraud?
Although fraud comes in many forms, credit card fraud is the biggest epidemic plaguing both online stores and to a lesser extent, brick and mortar stores. Purchases made from stolen credit card numbers have become a huge problem as stores make the move online. In fact, there is so much opportunity for fraud that there is a huge black market for buying and selling stolen credit card information as well as other sensitive personal information. Unfortunately, as long as credit cards are used to purchase items (especially online), fraud of this type will be an issue.
Sensitive data like credit card information can be mined through advanced hacking (generally through online methods), so obviously shopping through truly secure portals is recommended and merchants would be wise to ensure that their sites are protected with the best software to deter fraudsters and their nefarious attempts.
EMV AND OTHER FRAUD DETERRENTS
EMV, or “chip” cards were developed years ago to make purchases more secure. The good news is that the U.S. finally upgraded to EMV in 2015, which essentially makes counterfeiting cards virtually impossible. The bad news is that while EMV helps with reducing in-store fraud, it doesn’t help online fraud. In fact, this just made fraudsters target new accounts as opposed to existing accounts. By the end of 2015, for instance, there was a 113% increase in new account fraud, which accounted for 20% of all fraud losses, as reported by the Nilson report. A growing number of merchants have started to use fraud detection software called tokenization, a technology that eliminates the need for retailers to store sensitive data on their network.
The Payment Card Industry (PCI) Council defines tokenization as “a process by which the primary account number (PAN) is replaced with a surrogate value called a token.” When tokens replace live data in systems, the result is minimized exposure of sensitive data to those applications, stores, people and processes, reducing risk of compromise or accidental exposure and unauthorized access to sensitive data. The result of tokenization is similar to EMV in which an individual card number isn’t used in the transaction; rather a placeholder value is assigned to each transaction.
The use of tokenization is becoming an emerging anti-fraud measure that’s gaining ground. In a 2016 article with CNBC, Avivah Litan, Research Vice President at Gartner, was interviewed and claimed that, “at least half of the nation’s largest merchants use tokenization; it’s at the center of Apple Pay and Alphabet’s Android Pay, and many credit card companies offer their own version.”
PROTECTING YOUR BUSINESS
In response to the growing number of both in-store and online fraud attempts, merchants are constantly searching for ways to bolster and secure their payment systems. And while staying one step ahead of fraudsters is sometimes easier said than done, merchants are definitely starting to realize the value of protecting their businesses against fraud – more specifically, credit card fraud, and are actively taking roles to ensure that their stores remain safe.
NMA’s Director of Risk, Pablo Nuñez, says it’s imperative that store owners make sure that they know how to operate their POS systems as well as payment terminals, both in-store and online. Nuñez stresses the importance of updating payment systems as well, making sure that the latest software updates are installed as these generally include security upgrades. Additionally, for brick and mortar stores, he states, “Merchants should be actively asking for identification when they accept credit cards for payment.” It may be a token gesture, but it goes a long way and most customers prefer this extra step of security before finalizing a purchase.
Payment systems are also becoming quite advanced and most of them include detailed analytics that can be reviewed and surveyed. While this type of advanced information is vastly under-utilized, it can be used to study customer habits (especially for online stores) including where purchases were originated and which cards were used. Red flags would definitely include:
- International purchases (especially multiple purchases) to the same address.
- Multiple high-dollar purchases to the same address.
- Multiple purchases sent to the same address but using different cards for payment.
- Different billing names with goods shipped to the same addresses.
In addition to identifying and possibly stopping potential credit card fraud, savvy merchants can readily use this type of information to find ways to market to their customers by learning their behaviors and catering to their shopping habits.
Fraud can be a big scary threat, but once a merchant understands how to take the proper precautions to curtail fraudulent attempts, their store will be much safer and the payment process will be much more secure. As an added bonus, customers prefer to shop at stores that offer secure payment terminals and they are more likely to return to make future purchases as well.
Keeping your business as safe as possible from credit card fraud while keeping your customers happy and ensuring future business creates a win-win situation for everyone. Read more about credit card fraud including other common types of fraud and learn how to protect your business today. If you’re ready to get started with NMA, we’re ready to help!