Tag Archives: fraud prevention

large

Preventing In-Store Credit Card Fraud this Holiday

With holiday sales projected to increase by 3.7 percent this year, merchants are looking forward to ending 2015 with a bang. But, with the slow adoption of EMV®,  it’s quite possible that the criminals, thieves and frauds could put a damper on your holiday cheer (and profits). The good news is that you can help prevent fraud by taking these key steps:

Look for Abnormal Behavior

Preventing Holiday Fraud | AbtekOf course, there are the obvious tells that someone is doing something they shouldn’t be—they’re in a rush, they won’t make eye contact with you, they seem jittery, etc. But also know that every industry has its own type of clientele with unique buying habits. For example, in the jewelry industry, it’s quite common for customers to negotiate prices. If a customer comes in and has no problem forking over the actual ticket price for a high-priced item, it could be a red flag for fraud. Identify some key behaviors of your typical customers, and use these as a benchmark for identifying fraud moving forward.

Keep Good Records

Keep Receipts | AbtekLet’s say a customer comes in and claims that you charged them for an item they didn’t buy. This scenario could play out in a few ways:

  1. The customer made the purchase, but is running a scam
  2. The cashier made a mistake and rang up an incorrect or duplicate item
  3. The purchase was made with the customer’s stolen credit card (or a fake card with the stolen number)

While it’s important to handle this situation delicately, in case the mistake is on your end, it’s critical to verify the customer’s claims before making a refund. The proof is in the paperwork. This is where organized receipt archives come in handy. Pull up any receipts that are tied to the customer’s credit card. Verify that charge did take place, then take a look at the signature field and compare it with the signature on the customer’s ID. Signed documentation (i.e. receipts) can help you win a dispute against a customer who is trying to take advantage of the chargeback system. If you’re looking at a potential mistake on your end, but the customer signed off on the transaction, it’s up to your discretion whether or not you make the refund. If it turns out that the purchase was made with a stolen card, the liability will fall on the card-issuing bank (as long as all EMV requirements have been met).

Train Your Staff

Fraud Prevention Training | AbtekWe can’t stress enough how important it is that you train your staff on proper processes for handling credit card transactions. Now’s the time—before the holiday sales rush hits full speed—to hold a workshop for your employees on maximizing security and preventing fraud. Not sure where to start? The Abtek Team is here to help. Give us a call today at (800) 544-9145 to discover how we can help you prevent in-store credit card fraud this holiday season.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
CNP Security | Abtek

CNP Merchants: How to Maximize Data Security

Fraud and theft is not a new problem in the card-not-present and e-commerce marketplace. For years, criminals have been crafting schemes to steal data and cracking the codes that are meant to protect it. According to the latest reports, merchants that sell goods online each spend an average of $10.1 million per year on fraud-related costs. And, with the crackdown on in-person fraud through the implementation of EMV chip technology, we can only expect to see card-not-present fraud numbers rise.

The United States is the last major country to make the transition to EMV, so we can look to other countries’ experiences for a glimpse of what we can expect to occur.. The general trend illustrates that as counterfeit and lost/stolen fraud decreases due to EMV, criminals find alternate routes to commit theft—primarily in CNP environments. While the UK was able to tame the problem by developing more advanced fraud analytics and using 3-D Secure technology, England is still working to combat the increase in CNP fraud since implementation of EMV in 2006.

So what can e-commerce and other CNP merchants in the U.S. do to protect themselves from the impending fraud spike? Being proactive is key. Here are some of the top imperatives for maximizing data security:

  • Secure Passwords | AbtekImplement Effective Password Policies – The more secure a password is, the harder it is to hack. By creating and enforcing password policies, you can help to maximize data security. One common “rule” is to require a minimum password length and complexity. For example, you may consider requiring passwords to be at least six characters and contain a mix of lower and uppercase letters, numbers and symbols. Another best practice is regularly enforce password updates—we recommend every six months.
  • Two-Step Authentication | AbtekUtilize Two-Step Authentication When Possible – The downside to data security is that it doesn’t always translate to user-friendliness. When a merchant requires customers to jump through hoops to make a purchase, it may deter them from completing the transaction. Instead, consider utilizing two-step, or two-factor, authentication. It’s a process that requires a user to verify their identity through the combination of two components—for example, a phone number, PIN, password, or security code associated with a credit card number.
  • USB CNP Security | AbtekAvoid Using USB Devices on PCs With Virtual Terminals – Did you know that anytime you attach a USB device to your computer, there’s a potential for being hacked? There’s no need to go throw away all your thumb drives, though. Simply be very cautious when connecting to PCs with virtual terminals where financial transactions are taking place, as they can be especially vulnerable to attack. And, never insert a USB to your computer that you’ve found lying on the ground—it could have been planted by a hacker trying to gain access to your data.

Are you a CNP merchant who needs help navigating through this post-EMV environment? Abtek is here to help. Contact us today to learn more about how to maximize your data security and minimize friendly fraud and other theft.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
large

How the EMV Liability Shift Will Affect Your Business

Being able to accept EMV cards isn’t as simple as flipping a switch on your existing terminals. In most cases you’ll have to physically replace your POS equipment to be able to accept these more secure, chip-enabled cards. And with only half of merchants expecting to be ready by the October 1 deadline, there’s a lot of work still to be done.

What does the Liability Shift Really Mean?

Barcode Error | AbtekCurrently, merchants are at quite a disadvantage when it comes to credit card fraud. In the event of a fraudulent credit card charge, the merchant is first faced with the loss of the merchandise, which in most cases is irreversible. Then, the cardholder’s bank (the card-issuing bank) takes the hit for the lost funds, meaning that they’re responsible for refunding the person who was the victim of fraud. These banks, however, often look to the merchant for reimbursement, claiming that the business didn’t take the proper measures to prevent the fraudulent charge from occurring.

Come October 1, what we know about fraud liability will be flipped upside down. In essence, once the shift hits, the fraud liability will transfer to the party that has not adopted the new EMV chip card technology.

Here’s a detailed look at how the liability shift will affect your business, depending on the situation in which fraud occurs:

Situation 1: A magnetic stripe card is swiped at an outdated terminal

Mag Stripe Credit Card | AbtekThe merchant hasn’t gotten around to updating their terminals, but lucky for you, the fraudulent charge was made with a traditional magnetic stripe card. In this situation, both parties—the merchant and the card-issuing bank—are at fault, meaning that the liability falls initially on the card-issuing bank, just like today.

Situation 2: An EMV chip card is swiped at an outdated terminal

This is when things really go downhill for merchants. If a customer comes into your store with a chip-enabled card, but they don’t have the equipment to process it properly, they’ll be forced to run it as a magnetic stripe card. This puts the cardholder at an unnecessary risk for a breach of their payment data. In this case, the merchant has not invested in the more secure chip technology and the card-issuing bank has, so the liability falls on the merchant.

Situation 3: A magnetic stripe card is swiped at an EMV-enabled terminal

EMV Chip Card | AbtekA recent poll shows that only one in 10 Americans have received new EMV chip cards from their banks. The cost to replace mag stripe credit cards is starting to catch up with the banks and we can expect a number of consumers to still be using magnetic stripe cards, even after the liability shift hits in October. In this case, so long as you have upgraded your equipment, the liability will fall on the card-issuing bank.

Situation 4: An EMV chip card is swiped at an EMV-enabled terminal

In this situation, all parties have put in the effort to upgrade their payment technologies, so it’s unlikely that fraud would even occur in the first place. However, if a fraudulent charge does occur, the liability would fall on the card-issuing bank.

Contact your merchant solutions provider today to find out how  you can get EMV-compliant by October 1.


Abtek is here to help merchants like you make the transition from traditional POS terminals to EMV-enabled equipment. We know that EMV can be confusing, and we’re here to answer all of your questions. Give us a call today at (800) 544-9145 to explore your options, before it’s too late! October 1 will be here before you know it! Follow us on Facebook, Twitter, and LinkedIn. 

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTEK-BreakingNewsGraphic01

Digital Transactions: Don’t Let the Scourge of ‘Friendly Fraud’ Hurt Your Bottom Line

Tami Cohorst, Abtek’s Vice President, was recently featured on Digital Transactions, an online business publication focusing on trends in the electronic exchange of value.

You may have heard the term, “friendly fraud.” It’s no surprise, then, that there’s nothing friendly about it. And it’s quickly becoming a major problem for merchants across the globe.

Friendly fraud, also called friendly-fraud chargebacks or cyber-shoplifting, occurs when a customer makes a purchase online and then files a dispute with his or her credit card company, claiming that the charge was fraudulent or that the product was never delivered.

Continue reading the full article on Digital Transactions →

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABT_OnlineData

Merchants are at Risk, Too! Here’s How to Keep your Data Safe Online

We always stress the importance of having secure payment processing solutions so that you can ensure a positive shopping experience for your customers. But don’t forget: You and your business are consumers, too! It’s important for you to be aware that other businesses’ online platforms might not be as secure as yours. When your data is put into the wrong hands, you could be in for a lot of trouble (i.e. identity theft, stolen credit card information, computer hacks, etc.)

The solution? Good habits help merchants safeguard their sensitive business data online. Below, we’ve put together some of the most effective ways to ensure your online data is safe:

1. Choose a Secure Password

Once upon a time it was acceptable to create a singular password for all online accounts. Your password could even be as simple as your business name! But those days are now far behind us. Today’s hackers are smart and the less secure (complex) your password, the easier it is for them to access your data. The best way to keep your data safe is to choose a unique password for each online account. Your passwords should include a mix of upper and lower case letters, numbers and special characters, if allowed. To make it easy, you can use a password generator, like this one by Norton. Keep in mind: High profile businesses should change their passwords several times a year, according to Credit.com.

ABT_OnlineData_Icon12. Keep Your Email from Getting Hacked

When your business email gets hacked, you can do some serious damage. You might not even know it was hacked until a client asks you why you sent that “super weird video.” Awkward! An email hack can happen to the best of us, but there are steps you can take to prevent it. First, take our advice and change that password! The more secure the better. While you’re on the settings page in your email, see if there’s an option to implement two-step authentication. This links your email account with your phone number, so anytime you (or a hacker!) logs into an “unrecognized” device, you’ll receive a code on your phone to enter on the device in question. Also remember to be smart when opening email, if a message looks iffy, just don’t click on it!

ABT_OnlineData_Icon23. Shop Safely Online

First things first when shopping online: Do not ever enter your credit card information on a website if it doesn’t have SSL encryption installed. How can you know if it’s secure? Take a look at the URL—instead of starting with “http://”, it should start with “https://”. Also look for a little lock icon in the URL box. A website with SSL encrypts sensitive information so that only the intended recipient can understand it. In general, go with your gut feeling when shopping online. If a website just doesn’t feel right, find another one that you trust!

ABT_OnlineData_Icon34. Use the Internet for Banking

Online banking is just so convenient, it’s no surprise that more than 51% of U.S. adults use it. To ensure that your online accounts are as secure as a bank vault, you’ll want to follow some of the tips above, like creating a strong password and enabling two-step verification. On top of that, you’ll want to be sure to always keep your computer software up-to-date and always log out when you’re done.

Today, using the internet to do business is simply part of doing business! Just be sure to use it smartly and you’ll be good to go!


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTK-SM-Blog-paymentprocesses-hero

Could Your Payment Processing Methods Be Endangering Your Customers?

Adopting good business finance habits ensures an establishment’s security and longevity. When credit card processing is treated with acute attention, point-of-sale transactions are quick and simple.

However, many businesses engage in a slew of less-than-safe practices, capable of undermining the entire establishment’s security.

Both negligence and bad bookkeeping can severely harm a business—and poor payment processing can compromise its customers.

ABTK-small-blog-image-paymentprocessing-01Insecure Data Storage

Merchant services requires consistency and protective storage methods. Unfortunately, when PCI compliance isn’t regularly practiced, digital payments may reduce an organization’s security.

An Oswap.org business data breach analysis has figured in the many threats posed against companies utilizing point-of-sale technology. Store-based devices aren’t entirely safe from malware, malicious users or false authentication. Similarly, the following habits can severely compromise a customer’s security at, and after, the register:

  • Writing down credit information by hand
  • Using insecure mobile applications for promotions
  • Improper maintenance of addresses, social security numbers and credit card data
  • Easily accessible information systems

ABTK-small-blog-image-paymentprocessing-02The Importance of Employee Training

Delegating business tasks effectively ensures a resource-savvy business. However, employee training benefits the customer’s security directly.

Task distribution promotes business connectivity, and a well-connected business may further assist its customers. When employees aren’t trained effectively, however, their customer attentiveness may dwindle. Similarly, they may forget or fail to execute vital actions needed for customer safety.

Anyone operating a business register or information database should be capable of utilizing supreme precaution. A negligent employee may not mean to compromise a customer’s information—but poorly trained job skills can absolutely exploit important information.

ABTK-small-blog-image-paymentprocessing-03Credit Card Security

Forgers often utilize fraudulent credit cards and their potential danger should be understood. This primarily affects the business, rather than the consumer. However, anything capable of targeting a business’s secure data infrastructure should be considered a vital security risk to everyone involved.

When examining credit cards for purchases, merchants must remember to check the following:

  • Valid expiration dates
  • First four account numbers above the card’s first four numbers
  • Three-dimensional security hologram
  • Matching signatures

Fraudulent credit cards can affect a business when high-tech sales processing machinery is forgone, which is why maintaining comprehensive point-of-sale processing is incredibly important.

Remember: The consumer is relatively unprotected during most transactions. While a business actively maintains systems to ensure their own privacy and sustainability, consumers may be exposed. Proper routines, effective employee training and a watchful eye during transactions will not only protect the consumer’s information—it’ll breed a business atmosphere deserving of trust and success.


Stay updated on payment processing trends by following Abtek on Twitter and Facebook. Sign up to receive our newsletter, too.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS
ABTK-EMV-hero

EMVs: The Future of Credit Cards Is Here

The serious data leaks suffered by Target and Neiman Marcus caused by hackers during the holiday season have re-energized the now long-standing question, “Are EMVs the future of credit cards?” US retailers are finally making the effort to catch up with the rest of the world.

Instead of leading the globe in innovation and cutting edge technology, the US has fallen behind in use of EMV (Europay, MasterCard, Visa) protocols. The recent breaches have magnified the security flaws in cards with magnetic stripes. These deficiencies have not been a “secret,” but obvious to all credit card issuers and manufacturers for some years.

ABTK-EMV-body-02EMV-Enabled Cards

With embedded computer chips and PINs, these cards are the height of security for retailers and cardholders. Credit card processing becomes equally secure, protecting both retailers and shoppers.

Commonly called “smart cards,” EMV-enabled cards use open-standard specifications to record payments on terminals programmed to accept them. EMVCo manages and maintains these protocols. EMVCo is owned by AmEx, Discover, JCB, MasterCard, Visa and other payment industry organizations, partnering as associates and technical consultants.

Where Are These Cards Now?

EMV cards are currently active for merchant services in an estimated 80 countries around the globe. Other countries not yet fully on stream with EMV smart cards, such as Canada, are in the process of converting to this embedded chip technology.

Instead of being the first, the US is one of the last countries to convert its mag stripe cards to EMV. In fact, EMVCo estimates that as far back as the fourth quarter of 2012, there were over 1.6 billion (with a “B”) smart cards active around the world.

  • Europe has over 95 percent of all payment terminals that are smart card active.
  • Canada and Latin America, including the Caribbean, have around 80 percent EMV-enabled terminals.
  • Even the Middle East and Africa have almost 80 percent smart card terminals.

ABTK-EMV-body-03Why the US Is “Late”

Those outside the banking and credit card processing industries often wonder why the US, typically a world leader, is so late getting to the dance? The delayed entry can be summed up in one word: volume. Migration to EMV cards in the US involves massive cost because of the number of magnetic stripe credit and debit cards, along with traditional and handheld POS systems, in circulation.

The merchant services industry and card issuers have been technologically ready for some years. However, the pure volume of mag stripe cards and terminals has generated the conversion delay. It was not until 2012 that major card issuers, such as MasterCard, Visa, AmEx and Discover, published strategies to perform the migration from magnetic stripe to embedded computer chip cards.
Since existing POS systems also need conversion, the cost of migration further increases for retailers of all sizes. Still, the benefit of using EMV cards and terminals remains indisputable.

ABTK-EMV-01Benefits

The benefits of EMV technology are impressive and well known.

  • Fraud prevention remains the most important benefit. The recent unfortunate events plaguing Target and Neiman Marcus, where so much plastic card sensitive information was compromised, emphasized this benefit beyond a shadow of a doubt.
  • Increased use of ecommerce, mobile merchant accounts and online payments are much more secure with EMV-enabled plastic cards. While the “best” hackers try to stay ahead of the curve, smart cards enjoy a uniquely secure reputation at the moment.
  • EMV technology offers detailed cardholder verification techniques, which provide online security that mag stripe cards do not. Using EMV cards minimizes the current problems of counterfeit, lost or stolen cards.

Credit Card Processors

This industry eagerly anticipates the future conversion to EMV technology. Industry insiders predict fewer errors, chargebacks and processing delays through the migration away from magnetic stripe terminals to EMV-enabled devices. The reasons?

  • Increased card authentication during the payment transaction protects cardholders from counterfeit card use by others.
  • Secure cardholder verification further protects merchants and cardholders against use of lost or stolen cards.
  • Use of card issuer determined permissions increases security of transaction authorizations, minimizing many potential problems.

Some US banks have started issuing EMV cards to customers. The process of total migration will take some time, requiring the patience of the industry, cardholders and merchants. The resulting huge decreases in fraud losses will be worth the wait, however.

Since most current EMV cards also have a mag stripe, travelers from the UK and other EMV countries can use their credit and debit cards at US retailers until the conversion is complete. While issuing only chip-enabled cards is under discussion in Europe, for the foreseeable future, most international travelers should encounter no problems using chip and mag stripe cards in the US.

Share and Enjoy

  • Facebook
  • Twitter
  • Delicious
  • LinkedIn
  • StumbleUpon
  • Add to favorites
  • Email
  • RSS