Protect Your Business from
Merchant Account Fraud
The security of your credit card processing systems and your customers’ financial data is integral to the health of your business. These systems are increasingly under attack from cybercriminals who use sophisticated methods to access valuable account information. It’s critical to be aware of any threats to your business and have measures in place to deter fraudsters.
How Cybercriminals Are Attacking
Taking advantage of vulnerabilities in your system’s security, fraudsters will hack merchant accounts to run authorizations to test the validity of card details they have stolen or purchased on the dark web. These fraudulent authorizations can result in an onslaught of fees and charge-back risks to your business.
Best Practices at the Credit Card Terminal
- Use Address Verification (AVS) during each sale if the card is not present.
- Enter the three- or four-digit Card Verification Value (CVV) whenever possible.
- Swipe or use the EMV chip as much as possible.
Best Practices for Your Merchant Gateway and E-Commerce Systems
- Make sure to review and consider all fraud settings available to you in your gateway, including, but not limited to: CVV, AVS, Velocity Thresholds, IP address.
- Employ CAPTCHA, visual challenges designed to distinguish humans from automated scripts.
- Set time parameters to cause online sessions to expire after periods of inactivity and add data validation for guest checkouts if you allow them.
Merchant Fraud Stats (% of Companies Affected)1
When a fraudster makes a small purchase to test if a card is active and if the purchase avoids the merchant’s fraud prevention measures.
One of the most prevalent forms of fraud, a botnet is a network of computers infected with malware and controlled without the user being aware, typically for nefarious activities such as digital ad fraud.
When a cyber attacker gains control of a legitimate account, enabling them to assume an employee’s identity and defraud customers and business partners.