Offering your customers the ability to order items from the safety and convenience of their own phones or computers benefits everyone involved. They pay for the goods and services they want day or night, without the need to visit a physical store. Meanwhile, you get extra sales due to your multi-channel marketing savvy. Although fraud can represent a significant stumbling block that can cause plenty of financial stress, there are easy steps you can take to minimize the likelihood that it will happen to you.
How fraud can affect you.
If you own a small business with a tiny customer base, you might be under the impression that you will never be the target of unscrupulous cybercriminals. However, the fact is that fraudsters target businesses of all sizes, often taking advantage of smaller businesses’ limited financial resources, and lack of sophisticated monitoring tools, to mount attacks. If you are unlucky enough to become a victim of fraud, it can do much more than lead to a financial loss. It could potentially erode the reputation of your brand, and cause customers to feel safer shopping elsewhere.
Types of fraud.
Before we delve into techniques to minimize it, let’s examine the six most commonly seen types of fraud. These can be perpetrated against businesses taking payments over the phone or those accepting online payments.
• Card-not-present. This occurs when someone uses a stolen credit card to pay online or over the phone for a product or service. Initially, the person the card was stolen from loses money. However, the merchant will also end up in the red after needing to provide a product refund, and potentially paying bank fees that result from the chargeback.
• Affiliate fraud. This occurs when a criminal generates fake sales activity to gain commissions for your products.
• Chargeback fraud. This happens when a customer makes a purchase and receives the goods but then requests a refund through their credit card provider. This can take place for many reasons, but in all cases you as the merchant must provide the refund. Although you can dispute the charge, you will always be hit with a chargeback fee.
• Phishing. Criminals use schemes to hack into the customer accounts that you store, often gaining access to sensitive identity, and payment information. Also attacks that trick customers into revealing usernames and passwords often take place over social media and can lead to identity theft and unwanted purchases.
• Interception fraud. The criminal uses a stolen credit card to make an online or phone purchase. After the transaction is completed, they contact customer service and have the shipping address changed to their own.
• Triangulation fraud. First, the criminal creates a fake online store. When a customer buys something from it, the hacker steals their information. They then take that data and use it to make a purchase of the same items from a legitimate online merchant, which are delivered to the initial recipient. Finally, they use the payment information they stole to make additional purchases that are shipped to the criminal themselves. This type of fraud often goes undetected for a long time.
Considering the multiple types of crimes you are susceptible to, it is imperative that you take steps to reduce their effects.
Make security a priority.
When it comes to security, you can never be too careful or too up-to-date. Criminals are constantly sniffing around your digital perimeters in search of a chink in your armor. Therefore, make sure that the following are in place:
• Current SSL certificate.
• Updated shopping cart software and plugins.
• Compliance with Payment Card Industry Data Security Standards (PCI DSS).
• Frequent data backups.
• Strong passwords for admin accounts, dashboards, databases, customer relationship management platforms, etc.
• Regular malware scans.
• Encryption of all communications.
• Removal of outdated software and plugins.
Watch for red flags.
You might not have the range of sophisticated tools available to large corporations, but that doesn’t mean you need to be caught unaware by fraudsters. Remain vigilant to guard against the following warning signs:
• Inconsistencies between billing and payment addresses/
• Suspicious physical addresses from countries known to be high-fraud areas/
• Unusually large purchase amounts – particularly bulk quantities of products.
• Customer unwillingness to provide phone number or contact information.
Address verification services (AVS) are provided by many issuing banks and credit card companies. They enable you to check the address your customer provided against the one on file with the card company during the payment process. If an inconsistency is found, the transaction will be declined or flagged for investigation.
Require CVVs for all purchases.
Card Verification Values (CVVs) are the three- or four-digit numbers on the back of a credit card. When a customer provides this, you have more assurance that the person has the physical card in their possession.
Use Hypertext Transfer Protocol Secure.
HTTPS is the most secure protocol used to transfer a customer’s information between their browser and your website. In order to have this more secure and encrypted means of communication, you must purchase an SSL certificate.
Only collect what you need.
Hackers can only steal data that you have stored. Keep this in mind when you request information from your customers, and don’t retain data unnecessarily.
Limit purchase amounts.
Many fraudsterRes make multiple purchases in short periods of time or buy high-ticket items with their stolen information. To combat this, set limits on how much people can buy and the amount they can spend within a 24-hour period.
Remaining safe from fraud needs to be a full-time priority that you take seriously. After all, protecting your brand as well as the sensitive data and financial integrity of your customers is one of the best ways to ensure the credibility and longevity of your ecommerce or MOTO business. While freedom from fraud can never be 100 percent guaranteed, taking these actions can go a long way toward shielding your company and your valued patrons from the havoc cybercriminals can wreak.