How to Protect Your Business from Credit/Debit Card Fraud
As more and more customers pay with credit cards and Apple Pay rather than in cash, new fraudulent schemes are emerging and causing headaches for retail businesses. A common credit card fraud involves stealing someone’s credit card number and personal information, and then using that information to purchase products online. According to Security.org’s 2023 Credit Card Fraud Report, 65% of credit card holders have been victims of credit card fraud at least once, and 44% of credit card users have suffered from multiple fraudulent transactions. As the number of credit card fraud incidents increases, credit card fraud schemes are becoming more sophisticated, and the ACH and check fraud is following the trend.
1. Have you seen an ATM machine tampered with a skimmer?
Across the regions in the United States, discoveries of skimmers are making rounds, raising alarming voices from the newspapers. It involves secretly attaching a card reader called a skimmer to a payment terminal or bank ATM. The device can clone a card number unknown to the card user, and a hidden camera is used to watch and steal the customers’ PIN numbers as they enter it using the keypad. Once they have the card number and PIN, they can use a clone card to withdraw cash using the PIN number.
In a major fraud case reported in San Diego, a man stole 49,000 card data, created fake cards, and withdrew nearly $500,000 that was swiftly funneled out of the country. If you have an ATM machine in your retail store, carefully inspect the card slot. If it’s flimsy or wobbly like it’s been glued on, it could be a skimmer that has been installed, experts say. When entering a PIN number, customers should make sure they cover the typing hand with the other hand to prevent it from being watched or recorded.
2. Found an abandoned USB on the retail floor and plugged it into my computer
A criminal posing as a customer walks in and secretly leaves a USB storage device in plain sight of the owner. In many cases, the store owner or employee may unsuspectingly plug the USB into a store computer to check its contents, unknowingly installing malicious code on the computer and opening the door for a hacking attack that steals customer information. Alternatively, emails may appear to be from banks, government agencies, or other business-related entities, such as finance, HR, tax, or marketing, invite you to visit a fake website or click on a link that contains malware, which can lead to hackers trying to steal your customer’s credit card information.
3. The signature on the credit card is different from the signature on the receipt!
Credit card fraud is also common offline. Even if it’s a hassle, you should make sure that the signature on the back of the credit card matches the signature on the receipt. This is an important step to verify that the rightful owner of the card is using the card. This is especially important for a high-amount transaction. You should also make sure that the last four digits of the credit card matches the last four digits printed on the receipt. This is another critical step that can secure the transaction.
Generally speaking, most credit card fraud occurs when the cardholders lose or misplace their cards. When someone’s using a credit card information from a stolen card or actually attempts to use a stolen card, the card owner can act quickly to prevent further damage by freezing and canceling the credit card account immediately. When you spot a suspicious customer, you can ask, as a merchant, for an ID card and check it against the name on the card.
4. After entering the card number manually, I realized that I got chargeback scammed?
A chargeback occurs when a customer asks their credit card company or issuing bank to cancel a transaction that was authorized on their card, claiming that they never received the item or made the purchase. How is this your responsibility? Until September 2015, card issuing banks were liable for chargebacks even if a merchant was paid for goods or services with a counterfeit card as long as the authorized receipt was signed. Since then, however, fraudulent transactions have increased, leaving merchants on the hook for chargebacks when a counterfeit card with a compromised EMV chip is swiped with an old terminal. The fraudster would claim that the chip on their card is not working and swipe the magnetic stripe or ask you to manually enter the card number. After the purchase is made, the criminal requests a large chargeback from the card company and resells the item elsewhere. If you didn’t use an EMV terminal, you can’t get compensated for the chargeback.
**What is an EMV terminal?
EMV is the initials of the three companies (Europay, Mastercard, and Visa) that originally developed the standard.
EMV chip cards are more secure than traditional magnetic stripe cards because they contain a special microprocessor chip that stores and protects cardholder data.
5. Stolen checks can cost you more than cards!
Losing a single check can be more dangerous than losing a credit card. 36% of businesses in the U.S. still use checks to make payments, so it’s important to pay particular attention to business-to-business (B2B) transactions. Because checks are paper, unlike cards, it’s relatively easy to duplicate them with today’s printer technology. With stolen checks, fraudsters can forge signatures and commit fraud boundlessly. Therefore, merchants should order only the necessary quantity of checks, store them in a safe place, and constantly monitor the bank accounts from which the checks are drawn. When you need to mail a check, you should take it to the post office in person if possible, and write it with an indelible black gel ink.
6. If you have to accept a check, always check IDs!
Even in the digital age, there are reports that check fraud is on the rise. According to the Federal Trade Commission (FTC), there were more than 40,000 counterfeit check scams in 2022, resulting in more than $124 million in monetary losses. If you’re accepting customers who need to use checks for any reasons, make sure to verify the customer’s ID. In any case, the name on the ID should match the name on the check, and if you’re being pleaded with an excuse, you should offer a different payment method. This is a rule that should never have an exception. It’s best not to accept checks, but if you’re dealing with a regular or trusted customer, your risk of check fraud may be low. Check washing scams are also on the rise, in which thieves steal checks from the mail, wash out the payee and amount to create a blank check, and use it to deposit money into their own account at a bank or ATM. This trick can be prevented if you use an indelible permanent pen as suggested above.
7. Returning stolen items? Receipts can be forged!
According to the National Retail Federation, nearly 1 in 5 purchases end up being returned. As a retailer, you often have to deal with product returns from customers who are unhappy with their purchases. Scammers often swap the price tag on an expensive product with a cheaper one, buy the item, change the price tag back, return it, and pocket the difference. Therefore, you should use a price tag that is not easily removed, and make sure that the price tag matches the item. Recently, there have been websites that allow you to make fake receipts, so you should pay special attention to customers who are insistent on getting their refund and see if they are using a fake receipt.