Payment processing security: Reducing fraud for merchants and customers
Payment fraud is bad for everyone. For cardholders, payment fraud is an inconvenience and unnecessary expense; it means they must cancel their cards, acquire new ones and sometimes spend hours arguing about certain charges with their card companies.
For merchants, payment fraud can be even more expensive because merchants typically lose their merchandise and must pay the amount lost by the cardholder. Worse, the payment card industry can punish merchants for payment insecurity with heavy fines or a service ban. Thus, it is safe to say that everyone should work toward making payments more secure and preventing fraud as much as possible.
Here are some ways merchants and consumers can stay safer when processing payments and paying, so no one becomes victimized by fraud.
For merchants, reducing fraud isn’t just a good idea — it is absolutely mandatory. Not only does fraud needlessly cost merchants customers, due to loss of reputation and consumer trust, but it also literally costs merchants money. Organizations like the Payment Card Industry (PCI) levy fines and other penalties on merchants who don’t actively work to reduce the likelihood of fraud. Therefore, merchants should seriously consider the following techniques for reducing fraud in merchant payment processing:
All-in-one Payment Processing
Very few merchants are either in-store or online; most must be both. That means merchants need to find several payment processing providers, all of which offer comparable levels of fraud security — or they can look for one all-in-one solution. The fewer connections payment data must travel through, the fewer opportunity thieves have to get in and pilfer that data. Thus, an all-in-one payment processor is best.
PCI DSS Compliance
Not too long ago, five major members of the Payment Card Industry — Visa, MasterCard, American Express, Discover and JCB — banded together to create a set of security rules to reduce payment information theft. This council generated the Data Security Standard (DSS) and demanded all merchants that accept payment cards adhere to the regulations or suffer penalties.
Not only will being PCI compliant to protect merchants from lofty fines, but it is also an excellent strategy for reducing fraud. Regulations include adding encryption and firewalls, network access restriction and similar basic steps. The PCI DSS is a tool as much as it is a mandate.
Though all businesses are crazy for consumer data, storing customer payment information on an insecure server or device is asking for fraud. In fact, payment data should never touch an internal server; instead, that information should be tokenized, which means it should be encrypted well before it moves through a merchant’s system. Merchants should verify that their payment processors use tokenization to keep card information secure.
While merchants should take the lion’s share of responsibility for protecting cardholder information during and after the payment process, there are plenty of things consumers can do to reduce their risk and catch fraud fast. Some of the simplest tactics for reducing fraud include:
Consumers should always ask for and hold onto receipts for any purchases they make. Later, when payments go through the bank, consumers should double-check what money is taken from their account against what is written on their receipts. Often, fraudsters will falsify purchases from familiar stores that consumers might not catch. Receipts make it clear where they shopped, how much they spent and when, increasing the likelihood of catching a mistake or an instance of fraud.
Sometimes, consumers aren’t making purchases with trusted merchants. Sometimes, fraud occurs because consumers don’t know how to ensure their card data remains secure online, or they can’t distinguish when their devices are plagued with data-stealing viruses. Consumers should become more security savvy, perhaps taking a cyber hygiene course online or at a local community college.
Consumers should also be able to spot a scam when they encounter one. Online and in-person, criminals are always looking to get ahold of card data, so consumers must be able to recognize when a merchant is legitimate. There are several signs that someone can be trusted with payment information — and several signs of the opposite. Consumers should learn these signs by heart and look for them whenever they shop.
Payment fraud is a blight on the economy and a valid fear for merchants and consumers alike. Everyone should work together to reduce the opportunity and effectiveness of payment fraud, so everyone can profit in peace.