Business risk management and insurance

How to reduce credit and debit card fraud

Fraud can have a huge impact on your bottom line, but it’s not always easy to spot. This guide outlines some of the most common types of fraud and steps you can take to protect your business.

Reading time: 5 minutes

In this article

Fraudulent credit and debit card transactions

Fraud is a risk for any business that accepts credit cards, and it can have a significant financial impact. Fraudsters like to operate in busy periods when staff have less time to scrutinise transactions – which means it’s important to be vigilant year-round, not just during major shopping events like Black Friday or in the lead-up to Christmas.

The more you know about different types of fraud, understanding the potential risks, and being vigilant for any unusual behaviour or spending patterns, the more you’ll be able to protect your business.




Identity theft

One of the most common types of credit and debit card fraud is when a person simply steals someone else’s card (or takes a card that’s been lost) and makes unauthorised purchases.

It can be hard to identify and prevent this type of fraud, especially with the ability to ‘tap and go’. But you and your staff can help by being the first line of defence. 


Example

A first-time customer buys a large quantity of your goods, is not concerned about the price, colour, or size, and their purchase is much larger than a normal purchase. If it all seems too good to be true, it probably is.

If you come across a situation like this, it’s wise to ask for an alternative form of payment, e.g. bank deposit or cash.

Refund fraud

A favourite scam at busy times is requesting cash refunds on fraudulent credit and debit card transactions via your EFTPOS terminal. 

This is often committed by employees processing refunds to their own debt and/or credit card. To avoid detection, they may create a large sale on a fraudulent card and then process a refund to their own card. Refunds may also be processed to their own cards without a corresponding sale.

To help make sure you don’t get caught out, it’s a good idea to remind your staff of these steps to follow when processing refunds:

  • If a customer returns goods which have been paid for using either a credit or debit card, do not give the customer a cash refund or credit to a bank account
  • Process the refund back to the same card that was used for the original purchase 
  • Your staff will be able to match the transaction receipt to the card by using the last four digits of the card used to make the purchase.


Following this process helps avoid issues with chargebacks from customers. If a credit card transaction turns out to be fraudulent, it may be charged back to you and could end up costing you more than the original sale.

To safeguard against this type of fraud, we recommend you:

  • Closely monitor all refunds, checking they all correspond to a legitimate sale and are refunded back to the card used in the original purchase
  • Pay particular attention to large refund amounts or an increase in the number of refunds
  • Limit the number of employees with access to your merchant number
  • Restrict access to your refund card
  • Watch for high volumes of ‘key entered’ transactions, where the card number is entered into a terminal instead of swiping or inserting the card
  • Be alert to changes in staff behaviour or sudden evidence of an increase in their wealth
  • Be wary of staff taking cash sales and balancing by processing fraudulent card transactions.

Card not present transaction

Internet, mail, and phone order transactions are commonly referred to as ‘card not present’ transactions, as the cardholder and card are not present in person. 

If your business accepts card not present transactions, there’s generally a greater risk of fraud. This is because fraudsters take advantage of the anonymity this type of transaction provides. They’re able to make purchases with or without a physical card, at any time, from anywhere in the world.


Reducing the risk of card not present transactions

Remember, merchants with card not present facilities are liable for fraudulent payments that occur through those facilities. You can help minimise the possibility of this type of fraud by implementing the following measures:

  • Develop a standard credit card transaction checklist that all staff must use when taking an order
  • Develop and maintain a secure customer database to track buying patterns and identify changes in buying behaviour
  • Advertise that your business will prosecute fraudulent activity on your website, which may help to deter fraud
  • Discuss additional security with your service provider or an IT expert to help you redevelop your website payment page, e.g. blocking suspect IP addresses.

If you think your website has become a target for fraud, we suggest you shut the site down for a short period of time and investigate where the fraud is coming from. Once you’ve established the threat, block the IP address from which the orders are originating, if possible.

Other ways to protect your business from card fraud

Taking some time now to get the right processes in place can help you enjoy a successful business now and into the future.

Our Merchant Operating Guide and Card Payment Fraud Minimisation Guide have practical steps you can take to help protect yourself against fraud.


Securing your business against scams and fraud

In this webinar recording, Erica Boscato from CERT NZ discusses how New Zealand businesses can protect themselves as fraudsters and scammers become more sophisticated.

CERT NZ is a government authority on cyber security, providing practical guidance on how to keep your business information safe and secure online.

Contact our Merchant Business Solution team

If you have questions about your ANZ merchant facilities, contact our Merchant Business Solution team using our enquiry form or call 0800 473 453.

Popular running your business articles

Related content

Important information

We’ve provided this material as a complimentary service. It is prepared based on information and sources ANZ believes to be reliable. ANZ cannot warrant its accuracy, completeness or suitability for your intended use. The content is information only, is subject to change, and isn’t a substitute for commercial judgement or professional advice, which you should seek before relying on it. To the extent the law allows, ANZ doesn’t accept any responsibility or liability for any direct or indirect loss or damage arising from any act or omissions by any person relying on this material.

Please talk to us if you need financial advice about a product or service. See our Financial Advice Provider Disclosure Statement (PDF 44.6KB).

Was this content helpful?