In 2016, €41 billion was spent on debit and credit cards issued in Ireland. A total of €13.2 billion or 32% of this was spent online. With the internet providing consumers with a particularly convenient way to shop, greater selection and ease of price comparison, this figure is likely to continue growing, writes Erica McKinney, Financial Crime and Security, Banking & Payments Federation Ireland.
Overall, fraud on card payments is relatively low – amounting to under €30 million or 8 cent in every €100 in 2015. However, notably, circa 70% of this fraud occurred in a ‘card not present environment’, i.e. when the card was being used remotely for internet, phone or mail order shopping. While the internet provides consumers with a convenient way to shop, it also provides criminals with a lower risk way to attempt card fraud.
Retailers are posed with a challenge: for most businesses, offering a remote payment or e-commerce option is now essential but without the card and cardholder present, how does the retailer know the transaction is genuine? If a transaction is fraudulent, the retailer can have a double loss – the loss of the goods sold and of the payment amount.
It is important that retailers who accept cards remotely familiarise themselves with the risks involved and with measures by which they can mitigate these risks. Before offering customers the option to pay by internet, mail or phone, it is essential to have the correct agreement in place with your card processor or acquirer, who will also advise on specific card not present risks and
on tools and techniques which can be utilised when selling remotely, to build up a profile of the customer, authenticate the cardholder and ensure payment is received securely.
One such tool, which creates a more secure environment and helps retailers to minimise online fraud losses, is 3D Secure. Recent advances in the implementation of 3D Secure provide for an improved cardholder and retailer experience which is seamless to the cardholder in many cases. Ensuring that your payment application is secure and meets Payment Card Industry Data Security Standards (PCI DSS) is also important.The following are some other steps retailers can take to protect against online fraud.
You can find more information including downloadable training documents on the following links: www.bpfi.ie/customer-assist/businesscustomers/reduce-card-not-present-risk/;
This Business Support article featured in the March/April 2017 edition of The Hardware Journal.