Is Online Credit Card Fraud About to Increase?
November 12, 2015 No CommentsFeatured article by Tiffani Rowe, Independent Author
“A false sense of security.” That’s what the FBI thinks that the new “chip and PIN” cards being delivered to consumers is likely to create — and the agency is warning that everyone, especially online shoppers, needs to remain vigilant to avoid credit card fraud.
Chip and PIN cards are nothing new. For several years, retailers in Europe have accepted the cards, which transmit information about the transaction to the payment processor, including the card number and account details, via a secure token or one-time use code. These codes are practically useless to hackers, thereby protecting credit card users from having their financial data stolen. The cards themselves contain a chip, which when inserted into a special reader, makes the conversion; in order to complete the transaction, the customer must enter a PIN, instead of a signature.
As of October 1, 2015, retailers who aren’t set up for chipped credit cards face liability for fraudulent transactions made at their business. Unlike in the past, when credit card companies would reimburse customers who fell victim to fraud, now businesses must reimburse the customer if he or she used a chipped card to make a signature-based reader because a chip-enabled reader was not available. Despite the new liability, many small businesses still have not converted their readers — nor do they have plans to — which has some security experts and law enforcement agencies concerned, as thieves are likely to target these less-secure terminals. However, of even greater concern is the potential for online credit card fraud to increase.
Why Online Transactions Are At Risk
Online credit card transactions are what the industry calls “card not present” transactions. Instead of running the card through a reader and confirming the purchase with a signature (which can be confirmed against the signature on the card) or a PIN, all someone needs to do online is enter the card and billing information. As long as someone has the right information, including the card verification number that appears on the back of the card, the transaction will most likely be approved.
This means that while the use of counterfeit cards in stores is likely to decrease as the chipped cards become more widely available and fraudsters have a harder time creating the fake cards, they are likely to turn their attention to online merchants. There is actually solid proof of this issue: In Great Britain, for example, online fraud increased by 79 percent in three years after chipped cards were introduced. In other countries, including Canada and Australia, cases of online credit card fraud doubled.
Protecting Your Business
As an online business owner, then, how do you protect your business and your customers from online credit card fraud?
– Make security a priority. Many online entrepreneurs rely on antivirus software, but when you are collecting payment information, that isn’t enough. Website owners need to consider a comprehensive security suite that will protect against hackers seeking to take over websites and steal data. Firewalls, intrusion detection, and antivirus protection are all part of a layered approach to security that can keep your site safe from harmful attack.
– Learn the signs of fraud. Most fraudulent transactions share a few common traits: Unusually small or large orders, mismatched billing and shipping addresses, obviously fake phone numbers, IP addresses that don’t match the customer information. Develop systems for spotting these red flags and investigate such transactions before you process the orders.
– Require security codes. The three digit (four on American Express) codes on credit cards are designed to protect consumers against fraud, since hackers must have the card in hand to enter it. Require all customers to enter this number for all transactions.
– Confirm vendor security protocols. Many online business owners simply assume that their ecommerce platform vendors integrate the most advanced security measures into their service. This is a dangerous assumption to make, as not all vendors handle security the same way. Talk with your hosting provider to ensure that security is being handled correctly, and take measures to fill in the gaps where necessary.
Just because the likelihood of online credit card fraud is increasing doesn’t mean that your online business needs to fall victim to it. By taking the correct precautions to protect your website and remaining vigilant to the latest ploys by hackers and the ways to prevent them, you can keep your business from becoming another cybercrime statistic.