[tweetmeme]If you accept credit card payments, it is important to take steps to prevent your business from becoming a victim of fraud. If you are one of those who believe in the “innate goodness of men,” then make sure that you don’t bring that philosophy when it comes to accepting credit card payments.
Credit card fraud is a common problem for both big and small businesses, costing businesses billions in dollars. It is critical that you take the necessary measures to protect your business. If you don’t, you are jeopardizing your ability to accept credit card payments, not to mention the fees that you will be slapped for excessive chargebacks.
If you are accepting credit card payments face to face with the customer, the first step is to familiarize yourself with the security measures of credit cards. For example, all Mastercard accounts begin with the number 5, Visa with 4 and American Express with 3.
Your first line of defense in fraud is always knowing what to look for. Some cards have photos of the card holder; be sure to check the photo if that is indeed the person standing next to you paying with that credit card. Cards also use holograms that will appear to move and reflect light when rotated. The signature panel must be tamper proof. The embossed account number printed at the front must match the numbers at the back. CreditCardFinder.com presents detailed explanation of how to spot a fraudulent credit card.
Always ask for identification, especially if the credit card is unsigned at the back. You are within your right to check for identification, so don’t hesitate to use it. More so if the body language of the customer – e.g. calling the person by the name written on the card doesn’t elicit any response – is suspicious.
If you are running an online business, there are a number of red flags that you need to watch out for. Make sure that you use the tools available to you to check whether the transaction is legitimate or not.
One way is to use the CVC2 and CVV2 verification methods, which are three digit codes at the back panel of the cards used to check legitimacy of their account numbers and confirm that those customers possess genuine credit cards. Below are the distinctions of the major providers:
- CVV2 – Card Verification Value – Visa & Diners Club – 3 digits
- CVC2 – Card Verification Code – MasterCard – 3 digits
- CID – Card IDentification – American Express – 4 digits
Make sure that you use the Address Verification Service (AVS). In the US, AVS checks if the cardholder’s address and zip code matches the information at the card-issuing bank. AVS only uses the zip code and numeric portion of the billing street address. If the AVS is declined, be sure to contact the customer for additional information (for example, the name of the issuing bank, the bank’s toll-free telephone number, etc.).
Another simple strategy to use is to make sure that your order form captures the IP address of the person using the card. The location of the IP address must then match the location specified in the billing address. We’ve had instances when the IP address is in Vietnam, but the billing address is in Ohio. We called the phone number provided in the billing information, and got hold of the real card holder (yes, the fraudsters sometimes use the billing phone number of the real card holder).
If you really feel suspicious about the order, call the credit card issuing bank to verify the validity of credit card and get general information about the account. Don’t hesitate to call the customer – if the phone number has been disconnected or you were given a false phone number, then cancel it and don’t fulfill it. You can also request more information from the customer before you fulfill the order, such as a photo ID sent through fax.
For more tips, read the article “Red Flags For e-Fraud”