Fraud Prevention
- Never give out ANY personal information over the phone, such as SSN, PIN numbers etc.**
- Use Cash as much as possible.
- Check your credit report. This allows you to see any fraud occurences.
Merchants should remember to obtain a signed sales docket, and confirm the signature matches the signature on the back of the customer's card. Asking to see the customers identification (ie... Drivers License, State, Government, or Military ID) should in most cases protect against fraud provided that the identification card is valid. Requesting additional identification, however, is forbidden by Visa, MasterCard, and American Express merchant agreements. This method's effectiveness is reduced due to the availability of false/fake identification cards which are readily available to criminals.
A common technique to prevent 'non-matching plastic' (credit cards which have been re-encoded with a different skimmed dump) which is employed by many companies, is to confirm that the last four digits embossed on the card match those on the magstripe (and therefore the sales receipt). This is called 'checking last four'.
Merchants should also obtain proof that the customer's card was present at the point of sale. They can obtain this proof either by electronically reading and submitting certain data present on the card's magnetic stripe, which is done automatically by most point-of-sale systems, by creating a manual imprint of the raised digits and symbols on the card with a manual card imprinter, or by reading the card's smart chip if it has one. See EMV.
In
In the
When a credit card order is received by phone, the merchant can require the customer to also fax copies of both sides of the credit card. This at least provides proof that the customer has possession of the credit card at the time of the order. Some merchants also require a copy of their state-issued ID, or driver's license. It also provides additional proof the person authorized the purchase, preventing a chargeback.
The problem with this method of fraud detection is that an amateur graphic artist can make a realistic 'scan' of a credit card and driver's licence to fool the unwary company. Many fraudsters have pre-made templates (Adobe Photoshop typically being the tool of choice) which simply require a quick change to the credit card number, expiration date, name on card, etc.
The Card Security Code can also be requested. As this number is printed on the card's signature strip or front but stored nowhere on the card, it can be used to verify that the customer has the card in his or her possession and that the card was not stolen by a "skimming" process.
Calling customers is not only an excellent way to detect fraud, but it can also be a valuable part of customer service.
Sometimes the fraudster will submit the actual phone number of the person whose card was stolen. If the card holder did not authorize the charge, suggest that they call their credit card company to report their card as stolen.
A merchant may call telephone numbers on the same day you receive approved orders, and be told that the telephone number has been disconnected, or the number has been changed. This should certainly send up some red flags for filling an order that was made without the card present.
This method of fraud detection is less than optimal because of anonymous pre-paid cell phone numbers or redirection service number such as Skype, and the lack of companies which readily check that the given telephone number matches the billing telephone number, often because they do not possess the ability to check such information. Indeed, in the European Union, there is no way provided to check the information without violating data privacy laws. Often doing a reverse telephone search online (available through some websites, or some popular search engines) will reveal a lot of information that will help you decide if a customer is providing legitimate information
Telephone Authorization Service Based on VoIP
The main problem in combating credit card fraud is to verify whether card details entered by e-shop’s client are in fact client’s details. Implementing a simple script provided by company specializing in offering such services (e.g. Proveout.com) in shopping cart of almost any online shop, allows merchant to initiate a VoIP call to merchant’s client within payment routine.
Implemented script generates a random number and shows it to merchant’s client and instantly initiates VoIP call to client’s phone number that he or she entered while going through the payment routine. When connected, client prompted to enter number that he or she sees on display using telephone keypad. By entering correct number, client proves that phone number provided in payment routine is in fact his or her phone number.
This simple routine takes no more than one minute and allows merchant to make sure that details entered by his client are correct, therefore making it impossible for card fraudsters to use merchant’s payment routine. Here we can face a situation described above - fraudsters can get hold of anonymous phone (cell phone, Skype etc.) number and provide it in merchant’s payment routine. But we must remember that city code of this phone number must correspond with client’s address and with client’s IP geographical location. Also, client’s telephone number can be checked against special telephone database that identifies phone number type. Depending on merchant’s preferences such phone numbers can be declined or marked as potentially fraudulent.
Here are some recommendations for credit card holders:
• Never write a PIN-number on a card.
• Never store the written down PIN-number together with a card. Memorize the number and never write it down.
• Sign the back of all cards.
• Never lend a card to another person.
• Never give anyone the PIN-number. No one (bank employees, cashiers) have the right to demand it.
• Do not leave a card unsupervised.
• Report lost credit cards to your bank immediately.
• Check statements for unauthorized charges, especially if you have used the card while travelling overseas.
Safety precautions at a cash dispenser (ATM)
• Try to use ATMs in an isolated location to reduce the chance of robbery or someone seeing the PIN-number you have entered.
• Do not allow anyone to see your PIN-number.
• Make sure you have everything after finishing a transaction. After finishing, you should have: a card, money and a receipt.
Safety precautions on the Internet
• Do not give your personal and credit card information to unfamiliar sites. Try to keep your purchases limited to the major online retailers.
• Make sure the site is using SSL encryption.
• Contact your bank immediately if you feel you have become a victim of online credit card fraud
No comments:
Post a Comment