Did you know that fraud was 81% more likely in online card-not-present sales, according to a Javelin Strategy and Research Study? As online sales continue to grow, it’s important for business owners to look out for fraudulent purchases.
Catching suspicious activity as it happens and safeguarding your site to deter would-be online fraudsters can save you the stress of having to deal with fraud investigations. The research by Aite Group estimates that merchant losses to e-commerce fraud are projected to grow to $6.4 billion in 2021, so business owners should identify how to minimize this risk.
To help you prevent credit card fraud for your online transactions, start by incorporating these eight simple strategies into your ecommerce business.
Use PCI-compliant payment vendors, software, and hardware.
When it comes to choosing a payment processing company to work with, as well as your e-commerce platform and hardware solutions, you should work with reputable vendors that value security. The gold standard to look for or ask about is PCI-DSS (Payment Card Industry Data Security Standard) Compliance. This means that a company meets a set of requirements that ensures transactions are encrypted and secured from end-to-end. If you use a third-party payment processor, they will handle most of the compliance burden for you. For those businesses using a merchant account, your provider should offer assistance with the annual PCI DSS self-assessment that your business is required to do. Lastly, make sure that all of the hardware and devices used for payments have high-end encryption.
Require CVV security codes.
The problem with card-not-present transactions is that you don’t get to look at and verify a physical card. It’s important to be cautious when taking payments over the phone and for online transactions. Having your online shoppers type in the CVV code printed on their actual credit card, or relay it to you over the phone, is another layer of protection worth implementing. While you’re at it, make sure your forms also require full contact information including a phone number, in case you need to reach out to the buyer to verify the order.
Look for any red flags with email addresses and/or shipping addresses.
An address verification service (AVS) will cross-check the customer’s billing address with the credit card issuer’s address on file. This is an important tool for spotting fraudsters who gain access to credit card numbers. You might also consider preventing shipments to P.O. boxes since those aren’t physical addresses that can be investigated in the case of fraud.
Set purchase limits.
The last thing you want is for someone with a fraudulent card to head to your ecommerce site and charge up thousands of dollars or make multiple purchases in a row. By having a limit in place, you won’t necessarily stop the fraud, but you can minimize the potential damage (and maybe send the thief to look for an easier target). Bonus tip: Regardless of limits, stay alert for any unusually large purchases, or if you notice multiple transactions from a single card to all different shipping addresses.
Perform security maintenance on your website.
Always having the latest software and plug-ins running is important as they often include security updates. There should also be regular scans on the website to look for malware and frequent site backups. investing in these security measures is well worth protecting your inventory and your customer data.
Have stringent password requirements for your admins and customers.
Make sure that everyone who touches your site uses strong passwords, both on the back end (from your admins and hosts to database managers), as well as your customers on the front end. The strong password will make it harder for hackers to get into your site, or thieves to place orders using someone else’s customer information.
Restrict IP addresses from areas you do not ship to.
Filtering and/or blocking IP addresses can help flag orders from areas outside of your shipping zone, such as from foreign countries if you only ship domestically. You should also use software to detect if an IP address and shipping address don’t match up (such as if they are in completely different parts of the world), which can be a sign of fraud.
Consider a fraud detection service.
There are many options and levels of anti-fraud solutions that use various tools to detect and stamp out fraud. Depending on your business type and your budget, you might go with a simple DIY solution, or you could hire a firm to manage it for you. Do your research and get referrals from other businesses in your industry to find the appropriate solution for your business.
Though it is difficult to prevent fraud completely, there are many options available to help you safeguard your online sales. Connect with a Merchant Services Business Consultant to determine what protection is best for your business.
This content is for informational purposes only and is not intended as an offer or solicitation for the sale of any financial product or service. It is not designed or intended to provide financial, tax, legal, investment, accounting, or other professional advice since such advice always requires consideration of individual circumstances. Please consult with the professionals of your choice to discuss your situation.
Unless otherwise specified, all advertised offers and terms and conditions of accounts and services are subject to change at any time without notice. After an account is opened or service begins, it is subject to its features, conditions, and terms, which are subject to change at any time in accordance with applicable laws and agreements. Please contact an M&T representative for full details.