Global losses to credit card fraud has passed $30 billion a year, with over one-third of that in the US and Canada accounting for $800 million of the losses. And continuing data breaches means that up to 80% of credit cards are compromised.
There was a time in the good old days when the credit card companies took on all the liability of credit card fraud. They wanted everyone to use their credit cards, so they made it safe for both card holders and merchants to use them.
But in October 2015 in the US, and later in 2017 in Canada, something shifted. Much of the liability was pushed from the credit card companies on to the merchants and businesses, in most cases small business owners.
This was when the EMV chip card was introduced to replace the magnetic stripe cards. This security upgrade has caused a significant reducing in card present fraud, but only for fraudsters to focus their attention on card-not-present fraud instead.
Credit card transactions using chip cards amount to just over 50% of all card transactions, while card-not-present fraud is now 81% more common than in-person card present fraud.
The liability shift was meant to encourage the change to EMV chip cards by focusing on the weakest link. “The liability shift protects the entity who offers the greater level of security by holding the other entity with less secure systems responsible for fraud,” says Carolyn Balfany, safety and security expert at Mastercard.
But it did more than that through the emphasis of the “less secure system” being liable for the fraud. This major shift in liability was challenged in the US, where major retailers, such as Wal-Mart and Home Depot filed anti-trust lawsuits against the credit card companies.
They lost and the credit card companies got their way. But the attempt to encourage the use of EMV cards, also had another implication. It meant that businesses that relied on or accepted credit cards payments over the phone, were now responsible for the fraud and forced to bear the cost.
The way merchants and business owners are held responsible is through chargebacks, where the transaction amount is automatically redrawn from a merchant account. And with the liability shift, chargebacks are on the rise.
According to a whitepaper from Juniper Research, chargebacks for merchants are increasing by 20% every year, where the clothing, furniture and high-end merchandise sectors at the most risk.
To minimise risk to your business and reduce chargebacks there are list of options to improve security. First having a POS terminal with a major financial institution will mean higher level of security. Then there is staff training to spot card present fraud and ‘friendly fraud’, where the customer disputes a charge to his or her card based on a variety of reasons.
Then if your business needs to make card-not-present transactions, such as taking credit card payments over the phone, you should consider a card verification system that adds an extra layer of protection.
PaySecuri is a credit card payment security system that verifies card-not-present transactions. The system uses both card code verification (CCV) and address verification (AVS) to verify card-not-present sales, such as over the phone, online or mail order.