Many accounts receivable payments are made online or by phone. With the recent news of data breaches and the always-present threat of fraud, it’s important to keep your agency and consumers safe during card not present transactions. Fortunately, there are many simple tactics you can employ to prevent fraudulent transactions and reduce the risk of a data breach to your business.
Require AVS
Enabling the Address Verification System (AVS) is a simple way to avoid fraudulent payments that will harm your consumers and cause your chargebacks to increase. Requiring your consumer’s billing address along with their card payment allows the system to match the billing address of a card to the address offered at the time of payment. If an AVS matching fraud module is enabled on your merchant account and the address does not match, the card will be declined.
In the event of a chargeback, a positive AVS match also works as a proof that the cardholder made the purchase in question (as it’s unlikely that a fraudster would know a stolen card’s billing address). Another bonus -- collecting address information at the time of payment qualifies your agency for a lower rate. Ask your payment processor if they can put this system in place for your agency.
Require CVV Information
Much like AVS, collecting the Card Verification Value (CVV) number is an easy-to-implement option for reducing fraud during online payments. The CVV is the three digit number (or four digit, in the case of American Express) that is found on the consumer’s card. Asking for this number at the time of payment prevents fraud by proving the consumer is paying with a card they actually have in-hand. Keep in mind, AVS and CVV mismatches won’t automatically cause a decline in your payment system. If you would like mismatches to decline payments in your system, you must ask your payment processor to enable a specific module for you.
Authorizations as Fraud Prevention
Acquiring a signature at the time of payment is another (often overlooked) way to protect you and your customers. Not only does this practice deter fraudsters, it can fulfill payment compliance obligations your agency must follow, and help protect you in the event of a chargeback.
Using digital signature, which uses dual authentication in order to verify identity, you can prevent fraud by increasing the security required to make a payment. By adding an extra layer of protection, you reduce the likelihood of the wrong person accessing a payment request, which makes it harder for a fraudulent payment to get through. Look for a digital signature product that provides an audit report on every signature, so you can easily access the document later on if the consumer contests their payment.
Reduce Likelihood of Data Breaches
Reducing the amount of places a consumer’s credit card data is stored in turn reduces the risk of that data being stolen. Choosing a payment processing management system that stores your data for you can keep your agency and consumers safe while also keeping your business systems out of PCI scope.
You should also research what other tools your processor offers to keep your consumer’s data from falling into the wrong hands. For instance, PDCflow offers patented secure entry overlay, which allows ARM industry professionals to take payments without ever storing sensitive data on their own servers. The secure entry overlay provides a system whereby the agency enters the credit card number on a hosted machine in a PCI certified environment, preventing even the transmission of data through the agency’s systems.
If you use these tips while taking online and telephone payments, and use a payment processor that values security, you can lower the risk of fraud, protect your customers, and decrease your risk of chargebacks.
For additional information on fraud prevention on card not present transactions see: