Add to collection(s) Add to saved
  1. Business

FNB Merchant Services

advertisement 
FNB Merchant Services
Security Brochure
All you need to know about minimising fraud
The likelihood that your business might be losing money due to fraudulent card transactions is
probably something that you rarely think about, but if you are not vigilant, it can cost your business a
lot of money.
At FNB Merchant Services, we know that you face many risks with card transactions. Because some
merchants are more prone to fraudulent transactions, you need to understand how likely your
business is to become a target of fraud, how card fraud works, how to detect it and, of course, how to
prevent it.
We aim to support your business by providing you with helpful tips on understanding the types of risks
you face, as well as how to reduce these risks.
What are your responsibilities as a merchant?




You must ensure that you understand the terms of your merchant agreement in respect to
your obligations, and always adhere to the terms and conditions of your merchant agreement
and the card scheme rules.
You must insist on receiving proper fraud training.
If you are an e-Commerce merchant, you must protect your web-based business by
registering for 3D Secure from MasterCard and encourage the use of Verified by Visa cards.
You must ensure that you put proactive measures in place to prevent and mitigate the risk of
fraud when accepting card payments.
Accepting card payments
Authorisation
When accepting card payments, ensure that you understand what the term “authorisation” means.
Authorisation means that the account number is valid, that the card has not been reported stolen, and
that there are sufficient funds available to cover the transaction.
However, an authorisation does not confirm that the person providing the card number is the
legitimate cardholder, as the person providing the credit card number could also have either stolen or
improperly obtained the card. There is also the risk that the purchaser has compromised (improperly
obtained) the card number, without being in possession of the card at all.
Verifying the cardholder
It is your responsibility as merchant to verify if the purchaser is the genuine cardholder, irrespective of
how the verification process works for different credit cards. This is particularly important for Internet
and MOTO merchants.
Ensure that you verify the cardholder by asking for their Identity Document, Passport and/or Drivers
Licence, but be aware of falsifications of these documents. Also, be careful if the same card has been
used more than once a day.
When performing a transaction
 Do not break up a transaction into smaller values in order to avoid authorisation.
 Do not test cards – perpetrators may request you to swipe the card for various reasons
without making a purchase first.
 Do not transfer cash to any personal bank account.
 Do not use your own card at your own business.
 When performing manual or key-entered transactions, you must ensure that an imprint of the
card is made on the sales booklet for every transaction.
 You may only refund purchases on the card number that was presented as means of
payment.
_________________________________________________________________________
Types of fraud
Lost card fraud
Lost card fraud refers to a fraudulent transaction that occurs on a genuine card after a cardholder lost
his/her card.
Stolen card fraud
With stolen card fraud, a fraudulent transaction is performed on a genuine card that was stolen from
the legitimate owner.
Counterfeit card fraud
This type of fraud mostly arises from a card that is illegally manufactured by stealing information from
the magnetic strip on the back of a genuine card through card skimming. In other cases,
lost/stolen/old cards are encoded with information stolen from a genuine card. This type of fraud is
most prevalent, thus you must ensure that you understand the security features of a card.
Account takeover fraud
This occurs when an existing account is taken over by someone posing as the account holder, who
uses the account for his/her own benefit. This type of fraud can only take place if the fraudster has
access to the personal information of the accountholder.
Not received issued card fraud
This kind of fraud relates to the interception of genuine cards before they reach the authentic clients.
Impostors then use these intercepted cards fraudulently.
Warning signs to help you detect fraud










The card is taken from a pocket instead of a wallet.
An unusual amount of expensive items are purchased.
Random purchases are made; selecting items with little regard to size, quality or value.
Several small purchases are made to stay under the floor limit, or you are asked what the
floor limit is.
The sales draft is signed slowly or awkwardly.
Expensive items are charged on a newly valid credit card.
Photo identification cannot be provided when asked.
The customer attempts to rush you at the end of the work day.
A large item is purchased (such as a television console) and the customer insists on taking it
at the time of purchase, even when delivery is included in the price.
A large amount of merchandise is purchased without regard to size, style, colour or price.





The customer asks no questions on major purchases.
A customer tries to distract or rush you during the sale.
The customer makes purchases and leaves the store, only to return and make more
purchases.
Large purchases are made directly after the store’s opening, or as the store is closing.
The customer refuses free delivery for large items.
_______________________________________________________________________
What are chargebacks?
A chargeback takes place when the cardholder raises a dispute with his/her bank, informing the
issuing bank that they have not authorised a transaction or that the product ordered by him/her has
not been delivered. If the dispute is resolved in favour of the cardholder, the transaction is charged
back (debited) to their account. In other words, you as merchant will lose the full sale proceeds.
Common reasons for chargebacks
 The cardholder did not make the transaction (frequently an indication of fraud).
 The cardholder has cancelled a recurring transaction.
 The goods are not as described.
 The goods are faulty or defective.
 The failure (by the merchant) to respond to voucher requests.
 The goods/services were not received.
 The merchant floor limit was exceeded without obtaining authorisation.
The issuing bank may ask you for a SpeedPoint slip; therefore ensure that you do not destroy
transaction slips. You should store transactions slips in in a safe, dark place such as a box or safe.
How to avoid chargebacks








Always take a clear imprint of the card when processing manual transactions.
Obtain authorisation for all transactions over your floor limit.
Ensure that the cardholder signs the sales voucher.
Compare the signature on the card with the signature on the sales voucher.
Avoid processing a single transaction more than once.
Reconcile your daily sales vouchers to ensure that transactions are processed correctly.
Provide copies of sales vouchers to your bank within the retrieval request time frame.
Check completed vouchers daily and be careful of:
o The same card numbers recurring.
o The same or similar signatures recurring.
o The same cashier/attendant involved in the completion of suspicious transactions.
__________________________________________________________________________
Concerning fraud trends
Verifying delivering addresses
During the past year, online merchants (commonly known as e-Commerce merchants) have had to
ensure that the delivery addresses are consistent with the orders received. For example, if the
cardholder has used a US bank-issued card for delivery of goods in another country, the merchant
must request for further assistance from the bank to verify the legitimacy of such transactions.
Card skimming
Card skimming (to create cloned cards) is a rapidly growing type of card fraud. This method, by which
magnetic stripe information on a legitimate credit card is obtained and transferred to a cloned card,
can later be used for fraudulent purposes.
The legitimate card and the cloned card are electronically indistinguishable. For example, a collusive
employee accepts a card from a non-suspecting cardholder, processes the correct transaction and
performs and additional swipe through a skimmer, which the employee later provides to a criminal.
The criminal uses the captured data on the skimmer to create false, cloned cards.
A skimmer can be as small as or smaller than a cellphone, making it easy to hide. Business owners
are requested to take special care before employing staff who have not been through a thorough
screening process.
Card security features to prevent card skimming fraud
•
•
•
•
•
•
•
Compare the card number on the SpeedPoint slip to the number on the front of the card, it
must be the same.
Ensure that the hologram is three-dimensional and consists of different colours.
Do not accept an unsigned card.
Compare the signature on the SpeedPoint slip to the signature on the reverse of card.
Below the first four digits of the card number, these same four digits should be printed in
much smaller print. If not, refuse to complete the transaction.
The chip must be present on the front of a chip card before the card is dipped into the chip
slot. Some chip cards require a PIN number, while others do not. If no chip is visible but your
POS terminal shows that the card is indeed a chip card, this indicates that the card is
counterfeit.
If the magnetic strip on a card is faulty, do not proceed with the transaction. Do not use a
supervisor card to process the transaction, rather ask the customer for an alternative payment
method.
_________________________________________________________________________
Managing financial risk
(Refer to merchant agreement)



High levels of fraud may result in the termination of the merchant agreement and the
retraction of POS terminals. Your business might also be blacklisted for excessive fraud.
Take care to monitor revenue (volumes and values) in order to identify unexpected and
abnormal transactional behaviour, as abnormal transactions may indicate fraud.
Report suspicious transactional behaviour to your bank to investigate.
_________________________________________________________________________
When do you need to call for a Code 10?





If the presented card appears to be a counterfeit or altered card.
If the purchaser or transaction seems suspicious.
If the signature on the SpeedPoint slip does not match the signature on the back of the card.
If the card number on the printed voucher differs from the card number on the card.
If the message on the terminal reads “HOLD AND CALL” or “HOTCARD”.
___________________________________________________________________________
For more information
0860 263 362
www.fnb.co.za/business
fnb.mobi/business
Related documents
Using CommonKADS Method to Build Prototype System in
Using CommonKADS Method to Build Prototype System in
unsIGneD CreDIt CArDs
unsIGneD CreDIt CArDs
WCMSRiskManagement
WCMSRiskManagement
Credit Card Authorization form
Credit Card Authorization form
Problem Solving Essay.doc
Problem Solving Essay.doc
Goldman's Critical Support
Goldman's Critical Support
The Headright System Yazoo Land Fraud (Allocation By Price)
The Headright System Yazoo Land Fraud (Allocation By Price)
Download
advertisement