(MENAFNEditorial)
Right Tech Support announces Tips for stopping credit card fraud and scam
Merchants and retailers are often on the front lines of managing payment card fraud. Online businesses face a
unique challenge because all purchases are made as a “card not present” transaction. But there are red flags
to look out for and security measures to put in place that will help minimize losses from online credit card
fraud.
Steve Chou co-founder of Bumblebee Linens has had years of experience dealing with online credit card
transactions in his e-commerce business. We reached out to him to share some of his “insider” tips and
expertise along with additional pointers. Below are 10 tips to prevent online credit card fraud:
1. Be wary of expedited shipping when billing and shipping addresses differ.
When the “bill to” and “ship to” addresses are different and the customer is asking for expedited shipping
there’s a high possibility for fraud Chou explains. Also when the “ship to” address is not the same as the
billing address for the card you are at greater risk of it being a fraudulent transaction. Different billing
and shipping addresses are not always a sure sign of fraud (for example honest customers may order items as
gifts). But for all large orders that fit this profile always call to try to match the phone number as well.
2. Make sure IP location and credit card address match up.
Chou recommends watching out for IP addresses from overseas that don’t match the address on the credit card
used in a payment. You can manually research an IP address at a site like IP-Lookup.net.
One way to cut down on the number of these kinds of transactions is to restrict all IP addresses that
originate from countries where you don’t offer shipping. Simply program your site to prevent such visitors
from checking out in the first place. Some e-commerce software platforms provide settings for you to block IP
addresses without requiring custom programming.
3. Watch out for suspicious email accounts.
Some email addresses can be a dead giveaway tipping you off you’ve received a fraudulent order says Chou.
Always check the email address used when placing that order. Does it read something like
bgh3423679@yahoo.com? If so it’s a red flag.
4. Do some research on that suspect address.
One way to detect a possible fraudulent credit card transaction is to research the billing address or
shipping address being used for the order. Fortunately there are tools that can make it easier to do this.
Chou suggests using Google maps or Zillow to try to assess whether the address is legitimate. You can use a
service such as ZabaSearch to make sure the person actually lives at the address in question or use address
verification services offered by payment brands.
5. Keep a log of credit card numbers.
Chou suggests keeping a log of whenever a customer tries to enter in a credit card number. If the number of
times is five or higher it’s likely to be fraud. Most credit card processors will allow you to review the
batch transactions for the day. Scammers will attempt many transactions using multiple credit card numbers.
Be sure to flag these.
6. Consider using a fraud profiling service.
Though it may not be necessary for every online store a fraud profiling service such as MaxMind is another
option says Chou. These services cross reference IP addresses names previous purchases and more. Studying
per-purchase behaviors allows these companies to give you a more informed assessment around each transaction
and to identify high risk transactions. Some e-commerce platforms such as Volusion offer add-on fraud
profiling services that work with their software.
7. Restrict the number of declined transactions.
Chou explains when scammers try to make fraudulent transactions sometimes this is done via a malicious
software script where many credit card numbers are tried in succession. Since you may incur a fee for each
declined transaction — even if it doesn’t go through — the solution is to restrict the number of times a user
can incorrectly enter in credit card numbers. Ban them once they exceed that number of attempted
transactions.
8. Always require the Security Code.
This security code is typically a three-digit number printed on the back of the card (in the case of American
Express four digits on the card front). It is not stored in the magnetic strip or embossed on the card so
it can’t be as easily retrieved by thieves unless the card is in hand. This code goes by different names
depending on the credit card brand: Visa calls it a CVV2 MasterCard calls it a CVC2 and American Express
calls it the CID.
9. Ship your orders using tracking numbers and require signatures.
A tracking number helps prove a package was delivered of course. While this may not protect your business in
the case of outright criminals it may help if you get into a dispute with a legitimate customer who says
they never received the package but you are sure it arrived. For expensive items always require a signature
upon delivery.
10. Strengthen your website security measures.
Beyond the individual credit card transaction pay attention to the security of your entire website and e-
commerce processes. Cyber attacks on small businesses are increasing mostly because small business websites
are perceived as softer targets than larger corporations.
Make sure your systems and services are PCI-compliant (i.e. meeting the payment card industry’s security
standards for e-commerce transactions) at every step of the way. Visa and MasterCard maintain lists of
certified PCI-compliant providers: Visa certified PCI-compliant providers; MasterCard certified PCI-compliant
providers. The major e-commerce software platforms or shopping cart providers will have information on their
websites about being PCI compliant. In addition Visa has an animated business guide to data security that I
recommend you watch. MasterCard also offers online fraud prevention training for merchants.
Some e-commerce sites use a “trust mark” security service that scans daily to search for malware and
vulnerabilities. Examples are Truste Verisgn or McAfee Secure. These services help you avoid and/or catch
problems quickly — in addition to increasing consumer trust.
Your e-commerce software platform — especially a hosted e-commerce service — may integrate advanced security
measures and handle it all for you as part of their service. Don’t assume — be sure to check.
No matter what software you use always update to the latest version as it becomes available. Updates could
include security patches vital to avoiding a breach of your site. One vulnerability on your server — even if
it’s not in your e-commerce software but in a different software program on the same server — could open a
backdoor for cybercriminals to get into all your customer data and steal credit card numbers and other
sensitive information. And that could cause you much greater losses and headaches than a fraudulent credit
card transaction.
For more information on avoiding fraud at your business and online credit card fraud you can check out
Community Merchants USA’s resources online.
http://www.righttechsupport.net
https://pinpoint.microsoft.com/Companies/4299375915
US/Canada Toll Free 1-855-217-9038
Mansfield MA 02048 USA