Credit card fraud is a reality for many businesses, so the more you know about how it happens and how to prevent it the better.
Credit card fraud prevention tips
High risk credit card transactions
You need to understand that some credit card transactions come with a higher risk of fraud or charge backs.
Here’s a list of some high risk transactions.
- Accepting payment online, over the phone or by mail order (card not present transactions).
- Manually entering the card details into your EFTPOS terminal.
- Not getting authorisation for the transaction.
- Not swiping or inserting the card through your EFTPOS terminal.
- Not processing fallback transactions properly.
Even lower risk transactions, like card present transactions, can be used to commit fraud. Your credit card fraud protection booklet (PDF – 308KB) goes into more detail about these transactions and what to do if you accept them.
Check the card and the cardholder
Stolen or counterfeit cards and stolen credit card details are routinely used to commit fraud against businesses and their customers.
You need to check that any card or card details provided to you are valid and the person using them is the genuine cardholder. You can do that using a process of authorisation and authentication.
Authorise a transaction
- Use a reliable payment gateway like NAB Transact or an authentication solution like 3-D Secure for accepting online payments.
- Contact us using NAB Keyauth if you are suspicious of a transaction or if your EFTPOS terminal is offline.
Authorisation doesn’t guarantee payment and you still need to confirm that the person presenting the card is the genuine cardholder.
You might like to learn more about 3-D Secure by reading our blog article Online cardholder authentication.
Authenticate the card and cardholder
- Check the card details carefully. Make sure the name, expiry date and number match the person and the receipt details.
- Check that the card’s not counterfeit, for example, check the hologram is a 3D image.
- Watch your customers’ behaviour and purchasing habits.
- If you’re accepting payments online or over the phone, get further information or identification from the customer.
Secure your EFTPOS terminal
One of your responsibilities as a merchant is to secure your physical merchant services, like your EFTPOS terminal.
Customers and employees may try to tamper with your terminal to try and steal customer account data.
Common techniques include adding internal or external devices to your terminal to read customer data and using small cameras to capture PINs.
This can happen anytime, anywhere so be aware of who you let access your terminal.
Read about preventing EFTPOS terminal tampering (PDF-385KB).
Accept chip cards
As you may have seen in our video about skimming, devices inside or attached to your EFTPOS terminal can be used to copy card data from the magnetic strip on a customer’s card.
One of the reasons we encourage you to accept chip cards is the additional security benefits it offers you and your customers. Instead of data being held on a magnetic strip, chip cards use microchip technology to store account data.
Chip cards are almost impossible to counterfeit and come with the additional security of needing a PIN to uniquely identify the owner.
Secure your customers’ credit card data
There are many more sophisticated ways fraudsters can access customer and account data.
Fraudsters will take advantage of any weakness in your login details or remote access software.
In brief, to make sure data is secure you need to:
- protect your online login details using best practice authentication processes, and
- make sure your remote network access meets PCI Data Security Standards.
Just remember, even if you take our advice there’s no guarantee you won’t be the target of credit card fraud.
As a merchant, you’re responsible for protecting your customers’ card details and protecting your business from fraud.
Our aim is to help you reduce the financial loss, number of credit card chargebacks and reputational damage your business may suffer due to fraud.
Your responsibilities and liabilities are detailed in your Merchant Agreement (PDF – 517KB).
Read our blog articles:
Learn how to mitigate remote access vulnerabilities (PDF – 386KB).
For any questions or concerns about credit card fraud call Merchant Fraud on 1300 668 046 or email Merchant.Fraud@nab.com.au.
Filter by content type
What else would you like to read?
- All (126)
- Videos (38)
- Kochie's Business Builders (29)
- How to guides (25)
- Tools and calculators (22)
- Templates (12)
- Online training (10)
- Using NAB Connect (9)
- Starting a business (7)
- Running a business (6)
- Credit cards (3)
- Growing a business (3)
- Business finance (3)
- Health checks (2)
- EFTPOS (2)
- Tax (2)
- Insurance (1)
- Getting started (1)