Retail holiday fraud increased 31 percent during the 2016 holiday season, and based on the fraud trend trajectory this year, 2017’s figures are likely to clock in at another record-high rate.
It’s inevitable that card fraud will surge during the holiday season. For merchants, unfortunately, this is the cost of doing business in a digital-first era. Not to mention the pricey compliance issues associated with avoiding holiday card fraud surges and fully protecting your customers.
Luckily, there are plenty of steps merchants can take to safeguard their businesses — and their customers — this holiday season. We’ve gathered quick tips merchants should be following to prevent their holiday profits from getting lost to the many card fraud schemes.
Rely on E2E Security and Built-In Tokenization Capabilities
The first step in securing your business’ sales this holiday season is having a payment processing partner with the proper security protocols to protect your software and payment terminals. End-to-end encryption and tokenization are key features that should be non-negotiable for all merchants’ payment processing partners.
Tokenization involves substituting credit card/account numbers with a one-time number known as a token that has no value or connection to a person or their account. The customer’s 16 digit primary account number (PAN) is replaced with a custom, randomly-generated alphanumeric ID. Because this transaction eliminates the link to sensitive data, tokens are used in credit card processing to reduce exposure to breaches.
Similarly, encryption protects sensitive data by making the data unreadable to those without a secret decryption key. Data encryption is the first step in protecting your cardholders’ information and laid the groundwork for today’s tokenization methods that have been viewed as the more cost-effective and more permanent method to protecting cardholders’ credentials.
Invest in Real-Time Fraud Monitoring and Faster Decision Making
Today’s fraudsters are smarter and faster than ever before. This leaves little time for merchants to play catch up. Instead, you should be investing in better security software that detects fraudulent spending patterns and suspicious card activity faster than manual review allows for. Innovative technologies in the marketplace like machine learning have paved the way for better fraud detection abilities, which have empowered merchants to stop fraudulent purchases before they occur. Moreover, relying on software that detects potential fraud faster helps merchants avoid card declines that lead to costly compliance penalties with your issuer partners. Merchants should work with payment processing companies with fraud tools and industry partnerships that can help them detect suspicious activity before it spreads beyond a single order.
Having a better overview of your transactions also helps avoid false declines, which may increase during the holidays as issuers are on higher alert for card fraud. False declines are estimated to cost online merchants more than $8 billion annually, and the costs continue to rise. Protecting your business from increased costs associated with card fraud also means implementing the many security measures necessary to properly accept credit cards.
Accept Payment Methods that Better Protect Cardholder Data
Merchants today need to be equipped to accept payment methods that are designed with industry-leading security measures. The first step in that is ensuring you’re working with an EMV-certified payment processing partner.
As the global standard for credit and debit card payments, EMV creates a one-time use code (tokenization) for each transaction. The added protection comes with the tiny chip embedded in the card, encrypting every transaction. This provides an increased ability to securely transact, authenticate the card and the cardholder — all of which are directly correlated to fraud.
EMV, of course, isn’t the only way to protect cardholder data. Innovative mobile payment methods, like Apple Pay, are ways to accept payments online, in-store and in-app. Apple Pay and similar digital payment methods rely on tokenization to create single-use tokens that better protect cardholder data. Mobile payments provide both an added convenience for your cardholders, and an added layer of security for purchases made across different channels.
Strengthen Your Internal Security Protocols and Train Your Staff
This last set of tips to protect your business, and cardholders, this holiday season seems intuitive, but many merchants overlook this step when preparing for the holiday rush. A majority of data breaches are typically caused by employees who process a payment wrong or fail to follow the proper security procedures established by a business.
Training your employees about the importance of protecting cardholder data can save your business plenty of headaches, and compliance issues, this holiday season. Employees should be trained on how to use unique passwords that are harder to crack and be reminded to change passwords frequently. Employees should also be trained to never store credit card information on your payment systems. Storing payment data increases the chances of a breach, and once a consumer has their information stolen from your business, it’s incredibly difficult to gain their trust back.
Merchants must also invest in stronger firewalls, and rely on anti-malware protecting. Having the right tools to secure your hardware can help prevent the increased number of attacks all merchants will face this holiday season. Hackers are getting smarter and faster every year, and during the holiday season, it’s easy for merchants to let their guards down. Now, however, is the prime time to invest in more effective security measures that safeguard your business’ data and your cardholders’ credentials. After all, the holidays aren’t just shopping season for your customers — it’s the shopping season for hackers, too.
