When it comes to credit card fraud, retailers can find themselves caught in the middle. You may find yourself liable for purchases made on a fraudulent or unauthorised card and face reputational damage. The ARA has pulled together some tips for recognising and preventing attempts at credit card fraud both in store and online.
Preventing credit card fraud online (card not present transactions)
Implement good security practices in your online store, for example:
- Use your e-commerce platform’s in-built security features
- Use 3D Secure – after entering their card details, customers are required to enter additional security data such as a code sent to them by their card issuer before the payment is processed
- Add Captcha to your checkout page
- Consider requiring customers to create an account on your website in order to pay for goods rather than allowing them to pay via a guest checkout
- For click-and-collect transactions, ask the customer to show photo ID and the card used to make the purchase before handing over items.
Preventing credit card fraud in-person (card present transactions)
- Train your staff to look out for the signs of someone using a fraudulent card, which include:
- Asking for transactions to be entered manually, especially after the card has been declined after trying to tap, swipe and insert
- Asking for a payment to be split across multiple cards
- Purchasing very expensive items without regard to the price
- Purchasing a large quantity of the same product
- Appearing in a hurry.
- Never enter the transaction manually if the card is present, and watch to make sure the customer isn’t entering details manually on your payment terminal
- Never accept a card if the expiry date has passed or if it has been damaged or altered
- Make sure the card type matches the number (a Mastercard always starts with 5 and a Visa always starts with 4)
- If a signature is required, check to make sure the signature on the card matches the customer’s signature
- Check to make sure the last four numbers on the merchant copy receipt match the last four numbers on the card
- Keep your payment terminal in a secure location and don’t leave it unattended
- Change the password/ pin for your payment terminal regularly and share it with as few staff members as possible
- Always process refunds to the same card that was used to make the original purchase, and consider only allowing a small group of staff to process high value refunds.
If you suspect card fraud
Train your staff to take the following actions if they suspect that a customer is trying to commit fraud:
- Request to see the customer’s ID
- If still suspicious, call your payment provider’s Authorisation Centre for assistance
- For online orders, don’t ship items if you are suspicious about the transaction.