How can businesses protect themselves against chargeback fraud?
By Angela Bao
May 24, 2021
(Photo credit): Gettyimages.com/LeoPatrizi
From upgrading payment technology to securing cardless transactions, here’s what businesses can do to prevent fraud.
With the rise of e-commerce and contactless services during the COVID-19 pandemic, there has been an increase in fraud cases in the United States. Research estimates that payment card fraud in the United States has hit about $ 11 billion in losses by the end of 2020, and that credit card fraud is expected to increase even more over the next two to three. years. Unfortunately, this is an issue that affects both businesses and consumers, from customers having their account information stolen to businesses facing fraudulent chargebacks.
In particular, chargeback fraud is on the rise – however, there are a number of ways there are ways businesses can avoid this. Whether it’s upgrading their payment technology or taking a few more steps to keep cardless transactions safe, here’s what businesses can do to protect themselves and their customers against fraud.
What is chargeback fraud?
When the coronavirus pandemic forced countries around the world to go on lockdown, businesses had to switch to online and contactless business models to stay afloat – meaning they had to switch to payment methods, too. cashless. This change has led to an increase in chargeback fraud, where merchants must return charges for one or more items to the consumer’s payment account, in addition to paying charges to the bank.
There are three forms of chargeback fraud: cardless transactions, which are loosely defined as any transaction where the card is not wiretapped, swiped or inserted into a terminal; “Friendly” fraud, when a consumer makes a purchase but later disputes the charge; and account takeover, where cybercriminals steal or hack payment information stored by consumers.
(Photo credit): Gettyimages.com/sorbetto
Cardless transactions most often involve phone orders, recurring payments or subscriptions, and bills paid online. Unlike online transactions, where customers are required to enter their card information, along with CVV code, expiration date, and billing address as verification, some businesses do not have the security measures in place. suitable for handling cardless transactions. said Dustin Sullivan, vice president and national director of merchant sales at East West Bank.
“There is a lot of information collected [online]Sullivan said. “Whereas, think of the old-school pizza place: when you give them the card number over the phone, they’re just standing on their terminal typing it in.” This led to an increase in the number of consumers disputing the charges afterwards as companies were unable to prove these claims to be false.
Fraud detection methods
Instead of just collecting a customer’s credit card number, Sullivan recommends that businesses collect as much information as possible to protect themselves from potential or future fraud.
One of the most basic steps any business can take to avoid fraudulent chargebacks is to use Address Verification Services (AVS), Sullivan says. AVS is a tool commonly used by businesses in cardless transactions and works by verifying that the billing address entered by the customer is the same as the one associated with the card.
Businesses should also use other fraud detection methods, such as requiring payment card CVVs and card expiration dates. These few extra steps can really help a business in the long run, says Sullivan.
“When [business owners] come back to their current [merchant services] vendor and say, “Well the customer says it’s fraud, but we’ve got this receipt saying he signed for it,” the vendor is like, “well, did you collect that information on the transaction?” Sullivan uses as an example. “The owner of the business says no, we didn’t, we didn’t know you were supposed to – and so they lose these conflicts because they don’t have all the information.”
Merchant service systems can be a great tool for detecting and preventing fraud, Sullivan adds. Some systems may provide mandatory verification prompts for transactions deemed to be out of specification. For example, “if they have a sliding contactless terminal and they perform a cardless transaction, then it will ask for other layers of information to verify the validity of the transaction,” he explains.
Importantly, liability for fraud is also “more transferred” if businesses adopt fraud detection methods and update their merchant service systems, Sullivan adds.
“Basically how the burden of proof is laid down from the start is against the trader,” he says. “If the trader has shown due diligence and has all the relevant information, the burden of proof is on the consumer.”
Mobile payments and smart terminals
For fraud cases where your customers’ sensitive information is compromised, adopting mobile payments and smart devices can add an extra layer of protection.
Contactless payments, and particularly mobile payments, are more secure than using a credit card because all information transmitted between the card and the point-of-sale terminal is encrypted and tokenized, Sullivan explains. This means the merchant never sees the customer’s credit card information, which not only reduces the risk of the card being skimmed, but also helps keep it PCI (Payment Card Industry) compliant.
“Take advantage of software that will store the card information as a token and not the card information in total,” Sullivan advises. “They don’t keep cardholder data, which can put them in a very risky position to hold information that needs to be so secure, like a credit card transaction. This way, they will have risk free transactions that will always go smoothly. ”
To speak with the East West Bank Merchant Services team, click here.