Online fraud is a major world industry. The U.S. is still the prime target and small and medium-sized merchants are on their own.
At last week’s Fraud 360 World Tour Boston, hosted by Kount, there were some alarming statistics revealed. One of them was the fact that 40 percent of U.S. retailers were utilizing EMV-ready point-of-sale software, and that online fraud was already up 18 percent from a year ago.
It begs the question: What’s online fraud going to be like when 80 or 90 percent of U.S. retailers have converted their POS software to accept EMV cards?
5 Security Strategies for Small Businesses
While big box retailers can afford to hire security and analytics departments, most SMEs likely cannot. So here are a few things SMEs can do:
1. PCI DSS Compliance: PCI DSS compliance is a set of security standards set by the Payment Card Industry for businesses that accept credit card payments to protect cardholder data. The standards improve from year-to-year. PCI compliance is very effective in securing data.
2. Multiple Layers: Hackers don’t like going through layers to get information. We’re not advocating SMEs making purchases difficult for customers, but we do advise using effective strategies such as two-factor authentication (which requires customers to create an account), challenge questions and 3D secure technology.
3. Outsource Your Payment Platform: Again, fraudsters don’t like steps. It is statistically proven that a hacker will lose interest with the more steps he/she must take because they work on the clock. Outsourcing your payment platform is a major hindrance for a hacker to overcome.
4. Hire a Chargeback Management Firm: Many SMEs think they cannot afford to outsource their chargeback and fraud management, but that is a common misconception. Lowering your chargeback and fraud frequency becomes recovered revenue. Additionally, many chargeback management companies give SMEs the tools over time to do it themselves.
5. Manual Reviews: Don Bush, Vice President of Marketing at Kount, asked a poignant question at the Fraud 360 seminar: What is normal activity for your business?
Merchants should never underestimate the effectiveness of taking the time to analyze transactions that show signs of fraudulent activity. Some red flags of fraudulent transactions include:
- Transactions made in bulk, fast succession: This behavior indicates the purchaser may possess a stolen credit card and is trying to capitalize in a small window of time before the card is invalid.
- Transactions made in the wee hours of the morning from overseas: Note where the transactions are geographically coming from. Hotbeds of online fraud include places such as Eastern Europe, Russia, China and Southeast Asia and certain African nations.
- Purchases on multiple cards, shipped to same address: Such activity indicates the use of multiple stolen credit cards.
- One card, multiple shipping addresses: Though it’s possible a consumer is buying the same gift for someone, this indicates organized fraudulent activity.
- Orders opting for overnight shipping: Fraudsters want the goods as soon as they can get them. We’re not insinuating that all overnight shipping purchases are fraudulent, but they are worth looking into.
Merchants Need to Work Alongside Acquirers and Payment Processors
Working with their acquiring banking partners and payment processors, merchants can effectively withstand online fraud attacks. Instabill offers fraud prevention tools such as 3D secure transactions, SSL layers and MaxMind fraud protection. Our merchant account managers can also assist in making your business PCI DSS compliant.
Expert advice a click away by choosing the live chat option below, or by calling us direct at 1-800-318-2713.