As the industry moves to accept more and more types of payments – online, instore, mobile, or via wearable device – the risk of data theft and credit card fraud inevitably increases too. Even with provisions in place such as chip protection and two-factor authentication, fraudsters are still able to compromise credit cards at an alarming rate. According to the most recent study from Federal Reserves Payments, “card-not-present” credit, debit and prepaid card fraud has significantly increased over the past couple of years, up 34% in 2016 reaching $4.67 billion from the year prior. Credit card fraud especially is a growing concern among small businesses and the end consumer and can have a devastating impact on its victims.
The Costs of Credit Card Fraud
The true cost of credit card fraud is more than just a dollar figure and it impacts a wide range of victims using cards in-person and online. When card information has been compromised, businesses are left spending money on fraud protection services and software, banks have to replace stolen cards on a regular basis, and consumers and businesses alike must spend the time and energy to report issues, change account details, and get a new card. Not to mention that many legitimate online orders get declined when confused as fraudulent, resulting in unhappy customers and lost sales for retailers. In addition, many fraudulent interactions are not reported to law enforcement and therefore leave the perpetrator free to strike again. Consumers spend their energy on working with their bank to void illegitimate charges instead of reporting incidents to the police and some businesses decide against reporting to maintain their reputation. To address the concerns around credit card fraud, credit card companies have started to charge fees that help cover the costs of fraud investigations – for example, charging a business a small percentage every time the company does a pre-authorization. As a best practice, most well-known credit card companies flag and investigate any transaction identified as fraud, even if the situation is completely innocent. Many companies don’t realize that they may be performing activities as part of their business processes that raise red flags at credit card companies. For example, trying to pre-authorize a card multiple times from a customer of good standing if the card gets declined.
How to Protect Your Business
To protect your business and customers from credit card fraud, and as a consumer yourself, consider the following.
- Be vigilant. Always review credit card transactions in your account on a regular basis for any suspicious charges.
- Have the right contact information on hand. As soon as you suspect an issue or fraudulent activity, make sure you know who to contact to cancel the card and void any charges.
- Change online passwords and pin information if you suspect your information has been compromised. Never send sensitive data like credit card information through email, encrypt data where possible and make sure you use complex passwords and update them regularly.
- Work with a software solution that has provisions in place for meeting PCI compliance and for keeping data safe. When using software to process and store credit card information, make sure it provides an encrypted data vault for doing so. It’s also important to educate your team on proper business practices - managers must implement proper processes for accepting credit card information and employees must be trained on meeting PCI Compliance.
- Review all the charges and fees associated with processing credit cards at your business – make sure you know which types of activities can flag cards as fraudulent.
- Never access banking or credit card information over an unsecured network – such as free, public WiFi.
Learn more about how to protect yourself and your business from other common scams.
