As an online business owner, you should be aware of current risks that could damage your business. One such risk is card-not-present fraud. As the name suggests, this type of fraud occurs when a customer makes a purchase without having to physically present their card to the merchant. Whether it’s over the phone or online, this type of fraud is much harder to stop because the merchant can’t physically check the card for normal signs of fraud.
In a store, a merchant might check a customer's card to make sure it’s not missing the secure hologram, or to make sure the signature on the receipt matches the one on the card.
While it’s impossible to completely protect yourself from card-not-present fraud, there are steps you can take to minimize risk. One such step is finding a good card payment processor. The best processors will take precautionary measures to prevent card-not-present fraud. As a small business owner you, too, should know what to look for. Here are a few things that are important to consistently check:
- Verify that the address given by the customer matches the billing address on file with the credit card company. This is why it’s important to require customers to fill in a billing address during their online checkout.
- Validate the three-digit CVV security code found on the back of most cards. Make sure you ask for this detail during checkout.
- Use an authentication solution like Cardinal Consumer Authentication. When an online transaction is authenticated with Cardinal, the merchant enjoys liability shift on the transaction, meaning that the issuing bank validates that the buyer is who they say they are, and takes over the liability if the transaction is fraudulent. Cardinal can authenticate behind the scenes, using hundreds of data points like device recognition, IP address and many more, to verify that the person making the transaction is the cardholder.
Unfortunately, if a criminal gains access to a customer’s billing information and account details, it can be difficult to catch them because everything will appear correct online, even if they don’t have the physical card in their possession. This is why using an authentication solution is so valuable – it uses data points that a thief can’t duplicate, and because of this, the transaction can be flagged as fraud.
The worst part about card-not-present fraud is that the merchant bears the loss, unlike card-present fraud, where the card issuer is held responsible (unless an authentication solution is used; then the issuer takes on the risk). The cardholder will never be liable for fraudulent charges on their card – this is laid out in the credit card terms and conditions. It’s important to be aware of these risks and take every possible precaution to avoid them.