High Risk Credit Card Processing & Fraud Prevention
Merchants are assigned either in the high risk or low risk category by credit card processors. Since most processors opt to do business with low-risk merchants because they’re not as risky, there aren’t a whole lot of merchant services that work with high risk merchants.
Why are merchants considered high risk?
Let’s back-up for a second and quickly explain why your business has been placed in the high risk category. In most cases, it’s because of the following characteristics;
- Excessive chargebacks.
- Little or no credit card processing history.
- Bad credit history
- Recurring payments acceptance.
- Customers in countries that are associated with high levels of fraud.
- Multiple currency acceptance.
- Average monthly sales volume is more than than $20,000.
- Many credit card transactions are greater than $500.
- Seasonal or sporadic sales patterns.
- In an industry known for having a high returns or chargebacks.
Even how you process payments and sales methods can determine whether your business is considered high risk or not. For example, if you run a brick-and-mortar with an EMV terminal, the chances of fraud occurring are minimal because the customer’s card has to be present. And, since the customer is present, they can dispute any charges in-person before they’re card is charged.
What if you run an eCommerce site or involved in an industry that has been deemed risky? Here’s how you can still process credit cards securely in order to prevent any instances of fraud.
Find a high risk credit card processor and play by their rules.
As mentioned above, there are credit card processors that work with high risk merchants. Some of the better known examples are Payline Data, Durango Merchant Services, eMerchantBroker.com, and Soar Payments. Not only do these companies process credit card payments for high risk merchants, they also work with you to get your account set-up quickly and minimize your chargebacks.
Do your homework and find a trustworthy high risk processor that fits your specific business needs and then, as Terry Jepson writes in an Auhorize.net article, “Follow the procedures recommended by your payment processor and the credit card companies. You can lose your merchant account for failing to follow their rules.”
Jepson adds, “If a merchant suspects a fraudulent order, contact the registration service, so they can cut reduce the total number of chargebacks. Registration services with a large number of chargebacks will likely be charged higher services fees, which will be passed on to merchants.
Everyone wins when the registration service, the card issuing bank, and the card holder are notified of a fraudulent or suspected fraudulent order.”
Speaking of chargebacks, which is simply returning funds to a customer due to examples like unauthorized transactions, you can minimize these cases of fraud by;
- Address Verification System (AVS) where the cardholder’s address and zip code matches the information at the card-issuing bank. This prevents employee fraud since each transaction can be matched.
- Card Verification Methods (CVM) like the three or four digits that are found on the back of the card.
- Payer authentication programs that require customers to enter a password.
- Real-time authorization where the card information is sent for immediate approval.
- Keeping a database of any fraud attempts, problem customers, chargebacks, and customers receiving refunds.
- Checking to make sure that the customer is an actual person, such as making sure email addresses are properly formatted or the mailing address is legit.
- Not shipping any order until it’s been authorized and verified by the card-issuing bank.
- Use temporary activation codes if customers are downloading software.
Limit failed transactions.
There are a number of fraudsters who will purchase a large amount credit cards in order to use them on eCommerce sites. While that can be troublesome for businesses, the good news is that these nefarious individuals don’t have all of the cardholder’s information, such as their zip or CVV code.
That doesn’t mean that they’ll give-up that easily. They’ll keep trying to guess or figure out this information until they get it right.
On your end, you should limit the amount of failed transactions that go through your payment gateway. It’s the norm to set the number at two to three failed attempts.
Flag large transactions.
Let’s be honest. Chargebacks and fraudulent transactions are always bad, no matter how large or small the transaction size. Larger transactions, however, can be particularly detrimental for small businesses because they have higher underlying costs. That means that the business will have to shell out more money for refunds. Fraudsters generally also attempt process larger transactions before the card gets blocked.
To protect yourself, limit the amount of larger transactions that you process either by the percentage of your average ticket or flat-dollar amount and always manually review transactions that have flagged. If anything looks suspicious, call the customer immediately to verify that transaction.
Follow basic security measures.
Sometimes the best way to protect both you and your customers is by reducing risky behavior like:
- Leaving smartphones and tablets unlocked and unattended in public spaces.
- Throwing away bank and credit card statements in the trash without shredding them or not using two-factor verification for online statements.
- Emailing sensitive information.
- Keeping your PIN in your pocket.
- Using strong passwords and not keeping your software updated.
- Educating yourself and employees on the ways that you can get scammed online.