Methods of protecting against payment security fraud

Methods of protecting against payment security fraud

  • Prevention

    Be alert

    Fraud evolves almost as quickly as technology, which makes it difficult to predict where a fraudster may target next. They’re always trying to find new ways around some of the more common fraud prevention tools (such as AVS, CVV and 3D Secure) by obtaining a cardholder’s personal data. And, our fraud reporter data typically shows up to 40% of fraud gets through systems undetected.

    That’s why we offer a multi-layered approach to fraud management, utilising a range of the world’s leading solutions, support and advice. Build up enough layers of defence before, during and after each interaction with customers. Then you can discourage even the most determined fraudsters.

    Know who you’re dealing with

    Fraud screening – detection and prevention

    In Card-Not-Present transactions, you can’t always be sure who’s on the other end of the payment. Our sophisticated fraud screening solutions can help you feel confident that the customer you’re doing business with is genuine.

    Our decision engine provides over 200 global, sophisticated validation tests in one convenient portal. It helps you decide which transactions to accept, deny or review. We also offer solutions for employment screening, tracing individuals or businesses, and for ‘Know your Customer’ compliance.

    Managing manual reviews

    Link analysis – establishing trends

    There’s been a rapid growth in Card-Not-Present transactions and the trend for more increased sophistication of fraudulent activity. It means manual review teams are facing significant scalability challenges. Link analysis, a feature of our fraud tool, is an effective tool that helps manual teams better identify the transactions that require attention.

    Our expert fraud partners have access to a host of databases, with billions of records. We can identify links from one fraudulent order to another. We find connections in email addresses, telephone numbers, shipping addresses and card numbers. This brings hidden fraud to light and can even expose organised crime rings.

    Data is power. You need to use it to establish trends, links and visibility to the scale of your fraud situation. That’s an essential part of a good fraud management strategy.

    Expose fraud wherever it’s hiding

    Fraud Reporter

    Identifies attacks from Fraud Alerts, so goods and services are stopped from being dispatched to fraudsters in as near to real-time as possible

    Gives you the ability to block suspicious accounts to prevent further fraud and loss

    Increases the visibility of fraud attacks where 3-D authentication protocols are used

    Gives advance notice of potential chargebacks, giving you more time to investigate and prepare a defence

    Analyses the most targeted areas and fraud trends to identify potential risks and threats

    Provides daily reports that help you monitor the effectiveness of the fraud prevention process.

    The right protection for your business

    Our independent fraud experts will work with you to develop a bespoke, multi-layered approach to effectively manage fraud and avert risk. They can highlight potential risks with a quick fraud health check. And help you with on-going projects and staff training. And more. They’ll give you the support you need to fight fraud in all its forms.

    This service is offered through our partner, Retail Decisions and will attract a fee based on your business needs.

    By providing insights into industry data, they’ll ensure your fraud management is benchmarked, reducing total fraud and identifying your key risks. They’ll help you deliver a more effective fraud management strategy.

  • Card Present

    Protection on the spot

    There are a number of industry-wide measures in place to help you fight against Card Present fraud:

    Chip and PIN

    Since its full UK rollout in 2006, chip and PIN technology has had a major impact in the fight against fraud. Whereas a signature can be forged, chip and PIN is extremely difficult for criminals to crack. If you process physical card payments, this measure will help you feel confident the customer is who they say they are.

    Mag stripe cards

    If your business welcomes international customers face to face, such as a hotel, you may deal with cards from other countries that are Mag Stripe only. This is common in American-issued cards and requires you to take extra precautions during a sale, such as matching card numbers and expiry dates to receipts.

    Card issuer security

    The major card issuers have taken steps to ensure your customers’ physical cards are as secure and protected as possible.

    How to spot a counterfeit card

    MasterCard- and Visa-issued cards have a number of identifying features that most counterfeit cards aren’t able to copy:

     First four digits of the embossed card number should also be printed directly below the main numbers. Check to make sure these match

     Hologram – when the card is moved at the right angle, a brand image should become visible. Visa has a dove and MasterCard has a globe

     Ultraviolet motifs – if you have a UV detector, you can check the card’s motif. If no image appears, the card may be a fake

    If you’re a Barclaycard merchant and are suspicious about a card during a transaction after making the standard visual checks, you should make a Code 10 call:

    Call  0844 822 2000

    Enter your merchant ID and press option 9

    An advisor will speak with the cardholder and ask them a series of security questions

    Once the questions have been completed, you’ll be advised of the outcome.

  • Card Not Present

    Always protecting

    You can’t be everywhere at once. That’s why it’s important to make sure you have the right measures in place to protect your business and your customers in Card Not Present transactions.

    Authentication

    Chip and PIN technology was a major step forward in the fight against fraud in face-to-face transactions. Authentication is a similar method of protection but for online shopping. Initiatives such as Verified by Visa and MasterCard SecureCode require your customers to identify themselves with a pre-registered password before each transaction. It adds very little time to the process and helps reduce credit card fraud online by declining transactions when the wrong password is entered.

    Card security code (CSC) and Cardholder address verification (AVS)

    For a fast and efficient way to validate the identity of a cardholder, CSC and AVS are hard to beat. The service works by electronically checking the last three numbers of your customer’s signature strip and the numeric of their address. It offers another level of security, helping you decide whether or not to proceed with the transaction.

    Frequency checks

    These are an effective way to monitor or control the number of transactions a customer makes based on a few different pieces of information, including:

      the card number being used multiple times

      the billing/delivery address

      the cardholder name

      their email address

      the type of product purchased (high value, desirable or easily re-sellable)

      their IP address (the unique address applied to each computer)

    PCI DSS

    The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry guidelines designed to reduce your risk to fraud. It sets out a clear framework for the way you accept payments, the way you should handle customer card data and the security measures you should have in place. Being compliant helps protect you and your customers from fraud, and the associated costs such as chargebacks and retrievals.

    Want to know more? We can help you become PCI DSS compliant .

  • How we can help

    Keeping your security strong

    Our dedicated, award-winning security team can help you manage the risks and impact of fraud from an investigation, compliance and relationship perspective.

    They’ll work with you to create a bespoke package for your business, helping you ensure that your customers’ transactions are safe, secure and compliant with industry standards.

    We provide:

      advice and guidance on industry-wide initiatives and best practices to mitigate financial loss, and brand and reputational risk

      support through the management of Card Scheme Excessive Fraud and Chargeback compliance programmes

      operational expertise to manage Card Scheme and UK Cards Association fraud strategies that impact on you

      an award-winning PCI DSS Merchant Compliance Programme to reduce your exposure to the risks and costs of fraud

      industry-leading payment card fraud solutions in one convenient package to help protect your business at key points in the transaction journey

      dedicated Fraud Relationship Managers to manage key customers and those operating in high-risk business sectors