The threat of credit card fraud on small businesses has never been as big than it is today. And while large corporations have similarly large fraud prevention budgets, small business owners are stuck scraping the bottom of the budget barrel looking for resources to use toward preventing identity theft and other financial frauds.
Unfortunately, a large portion of small business owners overlook their individual risks. In fact, a full 48% of small- to mid-sized business owners don’t think their businesses are large or relevant enough to get targeted by an online thief, according to fraud prevention expert Emailage. But the facts dispute this belief.
Businesses with between 10 and 49 employees had the highest reported fraud losses. Each incident averaged $37,258 in total losses. The truth is that, whether you employ one person or a thousand, credit card fraud is a real threat to you and your business. Here are some specific ways you can protect your business, no matter the size.
Point-Of-Sale Must Be Protected
The most common form of fraud at your point-of-sale is what’s called card skimming.
Card skimming can be done physically or digitally by criminals. Some do it physically with tactics such as inserting an information-gathering chip into your POS device. Others resort to digital attacks, by infecting POS systems with malware that steals credit card numbers.
There’s also now a new fraud threat using devices called shimmers. These dangerous devices directly capture a user’s card data from EMV chip cards.
To stay ahead of these threats, it’s important to keep your POS systems as physically secure as possible. Part of this involves keeping all of your POS devices under lock and key during hours that you’re closed. Don’t make them accessible to anyone but yourself or a trusted manager.
As a small business owner, the most common kind of point-of-sale fraud you’ll need to combat is card skimming. Because of this, you need to thoroughly inspect all of your POS devices several times every week. Do it every single day if at all possible.
Look for things that look somehow out of the ordinary, like:
- Exposed wiring
- Bulky fitting
- A loose housing
- Anything else that seems like it’s out of place
Lastly, make sure your POS system software is always up-to-date. Important security updates come through on many software updates. Don’t risk operating if your POS software doesn’t have all the correct security updates.
Be Aware Of Card-Not-Present Fraud
A crime called card-not-present, or CNP, fraud happens when a criminal pays with a credit card number over the phone, on the internet or in any other way that does not require that they show the actual card.
As EMV chip cards have made card present transactions more secure, fraudsters are now focusing on card-not-present fraud. A Juniper Research study found that retailers might lose $130 billion or more from card-not-present fraud from 2018-2023.
The best practice for combating CNP fraud is quite simple. But many small business owners end up getting a little lazy with this. With every order you receive online or over the telephone, make sure that you require that the buyer provide the CVV (card verification value). The CVV is the three- or four-digit number that’s most often found on the back of each credit card.
To further weed out CNP fraud attempts, ask the user for the billing zip code that’s associated with the credit card.
Get Help From Third Parties
Chances are, you don’t have the funds to hire your own staff for full-time cybersecurity. But that doesn’t mean that you need to take on all the financial identify theft attempts on your own.
There are several solid partners out there that specialize only in financial fraud detection. They are experts at helping merchants identify potential risks before a fraudulent sale is processed.
These partners will use advanced technology to help online and brick-and-mortar businesses develop ways to give incoming orders fail or pass grades. For example, advanced algorithms can be used to tie order histories to email addresses, physical addresses, IP addresses and more.
When an order gets a passing grade, the fraud detection service would be liable for any loss you might incur on the order. However, if an order gets a failing grade, you get to make the decision on shipping. But any loss you incur wouldn’t be covered by the fraud detection service.
Fraud Prevention Training
Poor employee habits can quickly put your entire business in a risky situation. Because of this, it’s important to train and work with employees on what potential threats they might face. Teach them what they should do and what they shouldn’t do when it comes to financial identify theft.
Talk with your workers about how downloading attachments from unknown sources can infect your systems with malware. Let them know about the dangers of logging into company networks on public Wi-Fi connections.
Consider Taking Mobile Payments
More consumers have started to use mobile payments as a way of shopping online and in person. And there are huge security benefits for owners of small businesses that upgrade equipment and start accepting mobile payments from customers.
When you accept payments from apps such as Apple Pay, a customer’s credit card is never inserted into your payment terminal. This drastically reduces your fraud risk.
Vulnerability Tests and Cyber Insurance
No business, large or small, will ever be 100% safe from credit card fraud or other financial crimes. Scammers and fraudsters are always evolving and changing how they approach their crimes. Because of this, getting cyber insurance could help save your business from the brink of bankruptcy if you ever experience a breach.
Your cyber insurance policy would cover expenses you’d incur such as customer notifications, lawyer fees and most other costs caused by the breach.
If you have the financial means, another recommendation is to hire a qualified cybersecurity firm to perform a complete penetration test of your POS systems and business networks. This will reveal how vulnerable your business is to a potential cyberattack.
This prevention step could protect your customer’s private data and save your small business.
Small Businesses Need to Remain Alert
Fraud has become a booming threat as we head into 2020 and beyond. It’s never been more important for small business owners to remain one step ahead of the threat in order to keep their customers and businesses safe.
Start taking cybersecurity seriously today to avoid being caught off guard tomorrow.