How Your Small Business Can Avoid Credit Card Fraud
Accepting credit cards as payment is necessary for most small businesses, but small business owners can also bear the brunt of fraud-related costs. If there's a fraudulent credit card purchase, you might be out the cost of the product and shipping and have to refund the order amount.
You also might spend time and money dealing with chargebacks—when a cardholder disputes a transaction. And if your chargeback rate climbs too high, you could have to pay additional fees or lose your ability to accept credit cards.
The True Cost of Fraud Study: Retail and Ecommerce study from 2022 added up these costs and found that every $1 lost to fraud costs U.S. merchants $3.75 overall. So, consider how much you might save by investing in fraud prevention.
With that in mind, implement some of these suggestions to help avoid credit card fraud.
Stopping in-person credit card fraud
In-person credit card fraud isn't as prevalent as fraudsters using stolen credit card details to place orders online, but you still want to be cautious. Put a few standard practices into place and ensure your staff knows the potential for fraud.
1. Require customers to dip or tap their card
You may be liable for credit card fraud if you have a point-of-sales terminal that's compatible with EMV chips and you let a customer swipe a credit card with a chip. To shift that liability to the card issuer, make sure customers dip their chip into the terminal or use tap-to-pay with their card or a digital wallet.
2. Ask for an ID for high-risk transactions
You probably don't want to ask for customers' IDs with every purchase, but it can be a good policy when there are high-risk transactions. For example, when customers try to buy high-value items that they could easily resell. Or if the entire bill is over a certain amount.
3. Look for odd, suspicious, and counterfeit cards
You might be able to spot criminals by looking for suspicious behavior and counterfeit cards. For instance, someone who carefully hides the card when they go to pay. If the card looks damaged or faded or the EMV chip repeatedly doesn't work, those could also be signs of a counterfeit card.
Stopping online credit card fraud
Card-not-present (CNP) fraud can be trickier to stop because there's no limit to how many people can attack your online store. Small businesses may also be an ideal target for certain types of attacks because they don't have entire fraud prevention departments. However, you can get a lot of high-quality resources and assistance from your payment gateway provider. In particular, look for options that support the following.
1. Address verification services
An Address Verification Service (AVS) can compare the billing address that a customer enters to the billing address that the card issuer has on file. If they're different, there's a chance that the buyer is a fraudster using stolen credit card details.
But a mismatch doesn't necessarily mean it's fraud. Perhaps the person recently moved, or they entered an apartment number that tripped up the system.
You don't want false positives to result in lost orders, so consider working with a fraud or payments professional to help adjust the rules based on your specific industry and risk tolerance.
2. Require expiration dates and CVC codes
Most online shoppers expect to enter their credit card's expiration date and the three- or four-digit card verification code (CVC). It's a relatively standard practice precisely because it can help protect you from credit card fraud when the fraudster has stolen card details from a card skimmer or online database.
3. Use 3D Secure
The latest 3D Secure (3DS) 2.0 protocol attempts to prevent fraudulent credit card purchases online without adding too much extra work for shoppers.
For example, a new customer who visits your website and places an order may need to verify their identity by scanning their fingerprint with their phone or entering a code sent to their email. But returning customers using the same device might not have to take extra verification steps.
If you enroll in 3DS, the liability for authenticated one-time purchases may shift from your business to the card issuer. Learn more from American Express SafeKey, MasterCard Identity Check, and Visa Secure.
4. Add additional rules
You also might be able to create rules that will flag transactions based on certain criteria, such as the purchase amount, currency, or the buyer's IP address. It could even make suggestions based on the customer's order history. And you can blocklist identified fraudsters to stop them from placing new orders.
Set clear expectations
Even if someone makes a legitimate purchase, they might dispute a charge if they're not happy with the product or service they receive. Unfortunately, some people dispute transactions just to get their money back—sometimes called friendly fraud or first-party fraud.
Clear expectations, including detailed product descriptions, return periods, and accurate shipping timelines, can help you avoid misunderstandings. Also, make sure the name that appears on their credit card statement matches your storefront's name—contact your payment processor if you need help. And if something happens, like a shipping delay, update the customer immediately.
If you need to defend yourself against a fraudulently filed chargeback, make sure you have the proper documentation ready, including receipts, correspondence, and shipping records. You could also try reaching out directly to the customer to see if you can find a resolution.
Finally, great customer service isn't just good business—it can also be a fraud deterrent. If customers know you'll be quick to respond and help them resolve a problem, they may be more likely to go to you directly than dispute a charge.