What is payment fraud?
4.6 of 5.0 stars
High Risk – No Problem
Our representative was great he’s very…
Great so far
Communication was great and they…
Great Company easy communication and…
Payment fraud is when payment information — like a credit card or bank account — is used as part of a fraudulent transaction.
Often, payment fraud involves stealing a victim’s payment information, but that isn’t always the case. For example, illegitimate refund requests are another form of payment fraud.
With ecommerce rapidly growing, cybercrime is also on the rise. In fact, researchers predict online payment fraud will cost retailers more than $340 billion over the next five years. And, LexisNexis reports every dollar of fraud costs U.S. merchants $3.75.
All this creates an environment where merchants must be on high alert to prevent payment fraud. Here, we’ll look at the different types of payment fraud and provide some steps you can follow to help keep your business safe.
What are the types of payment fraud?
Payment fraud comes in many forms. There are many ways fraudsters can trick an unsuspecting consumer or merchant, so let’s review common types of payment fraud.
Credit card fraud
We’ll begin with one of the most basic types of illegitimate transactions — credit card fraud. This can happen when a fraudster steals a credit card or credit card information. Then they use the card to purchase online goods.
Normally, when the real cardholder notices the unusual activity on their bank account, they dispute the charges. Often, this results in a double whammy for merchants. The merchant loses revenue and the goods that were shipped to the fraudster.
Card testing is a bit more intense than credit card fraud. It entails using bots or scripts that can make hundreds to thousands of low-value purchases to test for valid credit cards. This type of payment fraud can put a huge financial strain on merchants once the chargeback requests roll in.
Fake return of merchandise
This type of fraud is much harder to detect. You won’t know until the consumer has reached out to claim they never received their order and would like a refund.
They also might say they’ve shipped the item back in the hopes they’ll get their money back. If there was no proof of return, the merchant might not find out till weeks later that the merchandise was never actually returned.
Chargeback fraud is similar to fake return fraud in that both result in the consumer asking for a refund. The difference here is that a consumer or fraudster bypasses the merchant and requests a refund from the bank.
Sometimes, chargebacks are legitimate. Chargeback fraud occurs when a chargeback is requested for an illegitimate reason. For example, a fraudster may receive an item, claim they did not, and request a chargeback through the issuing bank.
The term “friendly fraud” is often used interchangeably with chargeback fraud. However, friendly fraud only covers a subset of chargeback fraud cases. Friendly fraud occurs when a customer believes they are legitimately entitled to a refund, but contact the issuing bank without giving the merchant a chance to handle the situation.
For example, a customer might not recognize a transaction on their bank statement or someone else in their household may have made the purchase. Instead of contacting the merchant to resolve the issue, the customer goes directly to the bank and files a chargeback.
Merchant identity fraud
Perhaps more insidious than the types of fraud mentioned above, is merchant identity fraud. Where the other types of transactional ploys involve a cybercriminal acting as a consumer, merchant identity fraud involves the cybercriminal playing as the merchant.
The fraudster might set up an ecommerce site to look nearly identical to an unsuspecting consumer. The person behind the fake site can then obtain the consumer’s card information when they make a purchase. Once the false transaction is complete, the person who made the false merchant account can simply terminate and walk away with the money.
You’ve probably heard of phishing in terms of email scams. This is when someone receives a deceptive email letting them know their account has been compromised and that they need to reset their password in order to protect their information.
This is exactly what happens during a phishing attempt at payment fraud. A fraudster might send out emails to consumers letting them know something went wrong with their order or that there is a problem with their account.
The consumer will then follow the link in the email to reset their billing or account information, and the fraudster will then steal all the information.
Payment fraud can affect any size company
Cybercriminals know how many consumers these days are relying on online purchases. Payment fraud can affect both large and small businesses. Whether you’re a smaller mom-and-pop shop that just began offering online payment options, or you’re a larger, more established online business, it’s always important to look for the warning signs of fraud.
This being said, fraudsters might be more inclined to focus on smaller businesses that don’t have as many protective tools in place. The less secure your fraud-protection system, the easier it is for cybercriminals to attack your business.
When it comes to fraud, it’s not just your business’ finances that will be hurt. Your customers’ trust could also waver. If they learn about security issues with online payments, your customers might rather spend their money where they can count on their personal information staying safe.
How to prevent payment fraud
There are steps you can take and tools you can use to reduce your chances of fraud affecting your company and customers. Here are some tips to help you reduce payment fraud risk:
- Leverage encryption and secure payment gateways – Secure payment gateways help you encrypt and secure ecommerce payments. The right gateway can help solve many of the technical and compliance issues involved with securing online payments.
- Follow the principle of least privilege for customer and payment data – The principle of least privilege means only granting access a person (or system) requires to do their job. Be sure to keep customer and payment data on a need-to-know basis that is compliant with PCI DSS.
- Stay informed about payment fraud trends – Ecommerce is continuously evolving, and so is payment fraud. Fraudsters won’t stop when they hit roadblocks like authentication procedures and secure payment portals. They’ll simply find new ways to commit payment fraud, and your business needs to keep up.
- Partner with the right payment solutions provider – Mitigating payment fraud risk is a complex task. It requires the right mix of technical, financial, and compliance knowledge. A trusted payment solutions provider, like TailoredPay, can help you find the solutions your business needs at an affordable cost.
- Make it easy for customers to contact you and request refunds – Friendly fraud often occurs because a customer is legitimately confused about a transaction. For them, it’s easier to file a chargeback with their bank than it is to contact the merchant. Making it easy for customers to contact you can prevent many cases of friendly fraud before they begin.
- Invest in chargeback mitigation – Chargeback mitigation services empower you to detect and respond to chargebacks early on. As a result, you can reduce the risk of payment fraud, provide refunds to legitimate customers, and protect your profits.