How to protect yourself against payment fraud
People’s comfort with buying things online has led to the number of transactions going up – but this also means the number of fraudulent transactions has gone up as well.
While the overall level of fraudulent activity remains low against legitimate orders, their effect is disproportionately large for small business owners.
For example, a fraudulent sale of $1000 at a major department store may be a blip on the radar but for a small business it’s much more of a body-blow.
There are two main types of common fraud that merchants should look out for:
- There are malicious fraudsters using stolen card data to process transactions
- Then there’s chargeback fraud, where a person maliciously a purposefully initiates a chargeback on an item despite having received it
It’s important to note that not all chargebacks are malicious – some are just the result in people simply forgetting they ordered something and then initiating a chargeback on something they think they didn’t order in the first place.
Now nearly all small businesses are processing online orders as well as old-fashioned orders, the chances of catching a fraudulent one are increased.
The increase in the number of transactions business owners are processing also means that there’s less time to run stringent checks for fraud.
It means business owners are stuck between a rock and a hard place, but new-wave tools are making life easier.
Tools like MYOB PayBy (with its fancy-sounding PCI DSS v3 Level 1 compliance gateway), make it easier to spot the signs of fraud and potential fraud before it happens.
To help fight current and next-gen fraudsters, here’s a list of best practice things you can do to make sure you don’t fall victim to sales fraud this holiday period:
Review sales orders for suspicious activity
Take a quick look at your transaction list at the end of the day and look for the following signs: unusually high transaction amounts; orders shipped to different addresses registered with the one card holder; multiple orders with the same card holder.
It doesn’t take a huge amount of time to play ‘spot the pattern’.
If you see a pattern which may be suspicious, don’t be afraid to get in touch with the cardholder – after all, you’re calling to alert them to potential fraud.
Set velocity transaction filter to run five transactions per minute
MYOB PayBy has a really neat feature where you can run a filter over your transactions in real-time, basically limiting the number of transactions one credit card holder can make in a given amount of time.
If you set it to five per minute, fraudsters trying to run five concurrent sales within a minute will be kicked out after five authorisation attempts.
Given a lot of fraudsters simply use bots to spam order (rather than it being an actual person on the other end of the sale), this is an effective way to trip them up.
Get a signature
When the goods are shipped, make sure you confirm the customer’s shipping receipt with a signature.
Sometimes there’s no real way of proving your customer got something – unless you get a signature on delivery.
Put customers on notice at the first sign of purchase abuse
If you notice a suspicious amount of orders coming through, then get in touch with the ‘buyer’ as soon as you can.
It’s generally a great way of clearing up any misunderstandings, while also letting any fraudster behind the order that you’re onto them.
That usually puts an end to further fraudulent activity.
Be fraud free
Products like MYOB PayBy provide sophisticated fraud management and detection services using MYOB PayBy’s centralised fraud management engine.
They offer businesses that are susceptible to payment card fraud superior risk mitigation through a variety of simple and advanced fraud screening techniques such as:
- Fraud detection and minimisation using advanced AI techniques from payment card processing
- Capability of real-time interception and rejection of payment transactions prior to submission with banking acquirer
- Assessing risk score and allowing transactions to be processed and flagged for further follow-up