How to Protect Your Business When Taking Telephone Credit Card Transactions

Fraud on the Rise…

When Alexander Graham Bell obtained his official telephone patent in 1876, there likely wasn’t a single person around who envisioned the communication device as an instrument of billions of dollars of commerce transactions.

Yet, here the telephone has become a valuable resource for business owners in processing transactions when face-to-face dealings are not an option. Paying on any mobile device, including the phone, has become the most popular method to remain contactless and to make payment quickly for our society.

Alas, the dark side has complicated this convenience with criminal creativity growing exponentially.

The criminals take advantage of individuals, hacking into their information, taking their personal data to make fraudulent transactions when they can. August 2015 article by The Nilson Report, total credit card losses due to fraud totaled over $16 billion worldwide, primarily a result of mail order and telephone order deception. In 2018, in Quarter 4 alone, it was on the rise by 79%. The police have totaled over $40 billion dollars a year lost with 10,000 companies at work to steal information to use for criminal purposes. Fraudsters migrated more toward these types of transactions as EMV technology rolled out. This type of payment uses chip-enabled credit and debit cards, making it a more secure payment in person. If a customer makes payment through an unprotected IVR, mobile pay, or online payment option, the credit or debit card will process the transaction without the card present. Visa and MasterCard consider this type of transaction less secure. Hackers can take advantage of these scenarios when the right fraud protection technology has not been put into place for a business.

Good News!

Fortunately, iCheckGateway.com protects business owners from such chicanery with our suite of secure online payment solutions. We use Check Verification for ACH transactions, an Address Verification System (AVS) and a Card Verification Code (CVC) Match for credit card and debit card transactions, and tokenization for all of the sensitive data stored on our securely monitored servers to provide the highest level of compliance for the PCI scope of our merchants.

Focusing on the credit and debit card transactions, while inputting a customer’s card information into iCheckGateway.com’s Virtual Terminal, business owners can request their address as well as the CVC code on the back of most credit cards (American Express cards print the four-digit CVC code on the front).

The AVS system will return a response code letting the merchant know the validity of the address.

Once a customer processes a transaction, merchants can view the codes in the virtual terminal. These codes detail part of the transaction information merchants can view in iCheckGateway.com. The transaction will still process, regardless of the code results. However, the response codes provided can inform the merchant of any discrepancies, and allow the merchant to determine if they wish to proceed with the transaction. The merchant would have the opportunity to void the transaction before the transaction batches. Keep in mind, there are several reasons that cause the AVS verification to fail for a valid transaction, for example: if the customer has recently moved, and the AVS system has not been updated to reflect the new address.

Once processed, look for these responses in the Online Terminal:

M = CVV2 Match

N = CVV2 No Match

P = Not Processed

S =  Issuer indicates that CVV2 data should be present on the card, but the merchant has indicated that the CVV2 data is not present on the card

U = Issuer has not certified for CVV2 or Issuer has not provided Visa with the CVV2 encryption Keys

Be Educated to Avoid Fraudulent Payments

We want to educate our merchants to assist them how to keep on guard to protect their business from criminal transactions.
Elavon, one of iCheckGateway.com’s credit card processors, has offered several tips to help merchants protect themselves against criminals when making purchases that are not in person. Namely, watch out for customers who make purchases without regard for quantity, prices and other key aspects, who use a shipping address that’s different than the address on file for the credit card, or who use a card issued in the United States, yet requests that the merchandise be shipped to locations outside the country.

Federal Trade Commission keeps a running list of scams going on in the United States.
You can view the latest ones to educate yourself on how to avoid fraud here.

View other security measures we use setting our merchants up with their Hosted Payment Portals at iCheckGateway.com as we keep our merchants avoiding fraudulent transactions and in PCI compliance.

 

By ICG Digital
April 3, 2017
Leave a comment

Want to learn more about iCheckGateway?