By Dr. Heather Randall, CCEP
In the wake of the COVID-19 pandemic, fraudulent activity and scams have been on the rise. As a result, scammers are looking for ways to test their stolen card information. One way they do that is to find portals or e-commerce sites that have payment forms and use those forms to “test” cards. This is done by running hundreds or thousands of small transactions to see if they will be authorized. If these small transactions are authorized, the criminals assume the card is “good.” Meanwhile, the merchant may not know that this has happened until an expensive invoice is received for those “auths.”
In order to combat these types of scams, here are three ways merchants with an internet presence can mitigate their risk proactively:
CAPTCHA is an easy test that users take on web-based forms to prove that they are not a “bot.” These may include simple math questions or identifying pictures from an array. This simple step allows merchants to filter out bad actors and helps to ensure that their payment site is not being misused.
Use TC CrediGuard
TC CrediGuard is a product offered by Sphere that allows merchants to set parameters for certain transaction patterns. Merchants can set TC CrediGuard to deny transactions based on a set of predetermined criteria. For example, a merchant may set parameters to deny transactions after five attempts from the same IP address within 7 minutes. Or, if the IP address of a bad actor is known, a merchant may block that specific IP address.
Add a Log-in Screen
Payment forms that reside in front of a log-in page may be more convenient for your customers, patients, or donors, but it can also make it easier for criminals to use that payment screen as a tool for testing card numbers. By adding a log in screen, you create a barrier that may protect your business from becoming a target for these types of schemes.
By implementing these recommendations, merchants can take significant steps towards mitigating the likelihood of a Primary Account Number (PAN) or Card Testing event.
To learn more about secure online payment solutions and fraud reduction tools, please contact a Solutions Consultant at 800.915.1680, option 2 or firstname.lastname@example.org.