Let’s talk about payment fraud and how businesses can fight back.
Thanks to massive digital adoption during COVID-19, eCommerce has grown by 30% and transformed the way we choose to pay for things. There is a big but here, and it comes in the shape of increased consumer nervousness about fraud, with 59% of European consumers stating they’re more concerned since the pandemic.
More worrying for eCommerce businesses is that 67% of all consumers asked thought that shopping online more during COVID-19 has, specifically, put them at a higher risk of fraud.
It’s important that we demystify the world of cybercrime and help both consumers and businesses to improve their online confidence and fight back against the fraudsters.
What is payment fraud?
Payment fraud comes in many shapes and sizes, but essentially it happens any time something is purchased by someone who doesn’t have that right. With all today’s tech and data, how can a fraudster still manage to beat the system? Well, they could;
- Steal an actual card from someone. Chip & PIN offers protection, but contactless transactions can be made until the limit is reached.
- Buy something online without actually having the card, perhaps using information from discarded receipts or by purchasing card data.
- Use someone else’s identity and apply for a card or account in their name. Identities can be acquired using old bank statements and bills, or counterfeit documents.
- Take over an existing account and deceive the bank into making transactions and changes that are sent to them.
- Make a copy of the card, which is called skimming. This usually happens when a card is inserted into a terminal or ATM which has been tampered with, or when out of sight at a restaurant.
What can I do to protect my business?
Educate yourself and your teams, all the time! Fraud tactics and prevention tips change so quickly, it’s important to stay ahead.
- Ask yourself: do I feel confident that I understand the risks and types of payments fraud and are my teams trained to handle payments securely?
Check your website is safe and set up processes and reminders to re-check it frequently. Out of date software or long-used passwords can create an open back door for fraudsters.
- Ask yourself: are your plug-ins and software up to date and do you regularly scan for any viruses and malware? Do you frequently change your passwords, and keep them confidential?
Every business that sells online has to meet the standards in the Payment Card Industry standards (PCI DSS). Make sure you’re compliant, as it will help protect you in the event of attack by fraudsters.
- Ask yourself: is your business PCI compliant? Check with your payment provider if you need guidance
Only collect the data you need from customers – if you don’t hold data, fraudsters can’t steal it from you. Use encryption tools on your emails and business transactions to make your data difficult to use.
- Ask yourself: what data do you ask your customers to share, how do you use and store it?
Report fraud as it happens. By working together and sharing new scams and updates, we stand a much better chance of beating fraudsters.
- Ask yourself: do I have a process for logging and reporting fraud and have I communicated that to my employees?
Anything else I should know?
This is just the beginning of a journey towards fighting payment fraud but getting to grips with the basics is a great place to start. If you want to know more and to stay up to date, there are lots of resources available on the links below. Or you could always give us a call, and talk to our expert Cashflows team…
National Cyber Security Centre https://www.ncsc.gov.uk/
Action Fraud https://www.actionfraud.police.uk/