Fraud exists in many different forms. And as technology evolves, so will the methods fraudsters use to try to deceive your business. We provide a multi-layered approach to keep your transactions protected. We can also give you advice and guidance on how to ensure your business is compliant with the Payment Card Industry Data Security Standard (PCI DSS).
The methods of fraud your business may be exposed to vary depending on the way you take payments. In general, it can be broken down to two types:
Card Present fraud occurs when a customer’s details, such as card numbers, are stolen when the physical card is used for payment. Common targets for CP fraud are restaurants, retail stores and ATMs. There are many different methods of CP fraud, which we can help you be aware of to protect your business and your customers.
On the other hand, Card Not Present fraud occurs when the cardholder is not physically present during payment. This includes transactions made online, via mail order, over the phone or by fax.
These kinds of transactions are more prone to fraud because:
We can help you understand the different methods of CNP fraud, so you take the right steps to protect your business and customers from an attack.
This occurs when a cardholder’s new or replacement card is stolen before it gets to them. Properties with communal letterboxes, such as flats or student halls, are vulnerable to this type of fraud. With contactless technology becoming more and more a part of everyday life, there has been a growing trend in this type of fraud with the increase of upgraded cards going through the mail.
We work with the Royal Mail to monitor card losses, identify fraud hot spots and take preventative action. Card Companies use secure couriers to deliver to high-risk areas and may require customers to phone them to activate their cards before they can be used.
The magnetic stripe of a genuine card holds all the information a fraudster needs to create an effective copy. How the information is compromised can vary but it usually occurs during a legitimate transaction, including ATMs.
We work closely with our retail customers to help them improve their security and minimise the opportunities for card details to be copied. This, along with the rise in security measures such as chip and PIN technology, has helped reduce skimming and cloning fraud by nearly 80%1 in the past three years.
No matter how careful your customers are, cards are inevitably lost or stolen. Fraudsters then use them either in shops that don’t have chip and PIN, or to commit fraudulent transactions over the phone, by mail or online.
We use a number of initiatives to fight this type of fraud, including chip and PIN and tracking unusual customer spending. We also give retailers access to the Industry Hot Card File (IHCF), which lets them check whether a card has been reported lost or stolen.
With Internet shopping becoming commonplace, more and more people are entering their card details online. Keystroke or key logging is the process of noting the order of keys struck on a keyboard. This is typically done in such a manner that the person using the keyboard is unaware the fraud has happened.
Phishing is when fraudsters send emails at random, pretending to be a genuine company such as a bank, in an attempt to trick customers to give up sensitive information. These emails usually claim that the cardholder must update or verify their usernames and password, leading them to a fake website.
Even when using server authentication, you may need tremendous skill to detect that a phishing website is fake.
If a fraudster gathers enough information about a victim, they may be able to assume their identity and gain access to their credit or debit account. By masquerading as the genuine cardholder, the criminal can arrange for funds to be transferred out of the account. Or they can change their address and ask for new or replacement cards to be sent.
Malware covers a wide range of online methods of fraud, including the use of fake webpages, computer viruses, unsolicited emails or the spread of infected software. The fraudster may create a fake webpage and copy your payment page to capture your customers’ passwords, financial information or other personal details.