The last several years have been brutal on business owners where cybersecurity is concerned. You can’t glance at the headlines without coming across news of some catastrophic data breach. And hackers aren’t the only possible security issue. Credit card fraud is still very much a real thing.
Let’s start with the good news. There are things you can do right now that will absolutely make your POS system more secure. In fact, the single most effective tip in this article won’t even cost you a dime. It’s a simple policy shift that will immediately boost fraud protection.
Then there’s the bad news. Since we’re talking about a policy change, that means retraining yourself and your people—maybe even some of your customers. And if you want to maximize your POS system’s security, you may have to make some room in your budget.
But before we get to all of that, let’s talk about risk. Here’s what you need to know about credit card fraud.
When the Chip or Strip Doesn’t Work
You’ve almost certainly seen this scenario play out. A customer has their card in hand. They’re ready to pay. But—wouldn’t you know it—the strip or chip just won’t read. What do you do?
The easiest solution is also the one most likely to expose you to risk—just key in the credit card number. The second you do that, you expose your business to multiple forms of potential liability. The risk of both credit card fraud and undefendable chargebacks go up.
Keying in a credit card number sidesteps the security precautions put in place by both payment processors and financial institutions. And, unfortunately, there are plenty of criminals out there who are well aware of this fact.
Which is why credit card fraud is trending upward.
Fraud on the Rise
Of course, there are times when you simply can’t use a credit card’s magnetic strip or the EMV chip. Any order taken online, by phone or, if you’re feeling really old-school, by mail is known as a Card-Not-Present (or CNP) transaction.
And that’s the space where fraud is currently growing. In fact, The Aite Group estimates that global CNP fraud will exceed $7 billion by 2020.
As Robert Harrow, a financial writer for Forbes, explains, “Credit card fraud is migrating online. That’s because the small EMV chips, which are now ubiquitous, have made it extremely difficult to counterfeit credit cards. . . . The days when a fraudster could just waltz into a local convenience store and use a counterfeit card are (mostly) gone.”
And the last line of that quote is the kicker because there is one scenario would-be criminals can still exploit to commit credit card fraud in person. All they have to do is present a well-meaning merchant with a card that doesn’t seem to work. If the chip won’t read and the magnetic strip won’t scan and you decide to just key in the card number, guess what?
You inadvertently circumnavigate multiple layers of payment processing security.
Let’s Talk Cost
As mentioned above, there are times when CNP transactions are inevitable. Any business you do online will force a CNP transaction. Not to worry. There are things you can do to make those more secure.
But before we get to that, let’s cover one more unpleasant aspect of manually keying in credit card numbers—increased transactional cost.
Different payment processors handle manually entered credit card numbers differently. Here at Talus, we don’t tack on any extra fee for manually entered credit card information. However, the financial institutions who provide credit cards do increase their fees, and that means your cost per transaction will go up, even if you’re one of our customers.
Not only that, but any disputed charge will almost certainly be charged back if you manually enter the information for a credit card that’s physically present. Again, this has to do with the issuing bank, not your payment processor. Financial institutions don’t like it when you sidestep security.
2 Easy Ways to Boost POS Security
Emiliano Moreno, a Corporate Manager with Talus Pay, is candid when it comes to the option of manually entering credit card information. “Swiping is always going to be better than manually keying in the transactions,” he said.
As Moreno explained, the possibility of increased risk combined with the guarantee of increased cost makes manual entry a less-than-ideal option all the time. So what do you do instead? Two things.
1. Avoid manual entry if at all possible
This is the single most effective way you can lower your risk, dodge unnecessary costs, and protect yourself from excessive chargebacks, all at the same time. And, as promised, this policy-based upgrade won’t cost you a dime.
2. Use AVS
When you have no choice but to accept payment with a manually entered card (either because you’re taking payment remotely or the customer’s card simply isn’t working), we highly recommend AVS.
AVS stands for “address verification system.” Typically, there’s some form of AVS in place by default, meaning you would have to intentionally bypass it to not use it. Don’t do that.
AVS often just requires an address and a zip code. As Moreno explained, “The system is going to interface with the issuing bank and verify the address.” This additional security measure can help minimize the risk of chargebacks.
Moreno also recommends using the CSV code in addition to AVS.
One Recommended Upgrade
If you’re particularly security minded (which is, by the way, a good thing), there’s one additional upgrade we’d like to recommend. This may incur additional cost, but it will also boost your POS security just a bit more.
When it comes to EMV (short for Europay, MasterCard and Visa) chips, Moreno pulls no punches. “If you don’t have the capability, you need to switch over immediately.”
To be clear, Moreno isn’t overstating the importance of EMV chips. Eric Pesale, an attorney specializing in business law, writes, “EMV compliance law stipulates that all businesses need to upgrade their point-of-sale (POS) systems to accommodate EMV chip cards and EMV compliance.”
And what happens if you’re not compliant? You take on greater risk. “No retailer is legally obligated to change—it’s a mandate, not a law,” reports Lara Ewen, a business writer. “But since the liability shift, any payment fraud is the responsibility of whichever party is using the lesser technology.”
EMV chips are significantly more secure than magnetic strips, providing greater protection from potential fraud. Magnetic strips are definitely the “lesser technology.” If you swipe a card that has a chip, you will not be able to stop chargeback claims against that transaction.
Make Your POS System as Secure as Possible
If you’re ready to take POS security to the next level, the experts at Talus Pay are here to help. Our team of payment processing consultants specializes in helping clients find the payment options that meet your business needs—both today and as your business grows.
Don’t leave yourself open to potential fraud. Find out how you can boost the security of your POS system right now by connecting with Talus Pay today.