Eight out of ten business who sell online will be the targets of credit card fraud at some point, says PayGate founder and MD Peter Harvey – and the onus is on those who provide payment gateways to help their clients manage the risk.
PayGate, founded in 1999, provides online payment services to clients including universities, airlines and retailers such as Woolworths and Yuppiechef.
“Traditionally, merchants have carried all the risk of fraudulent credit card activity,” says Harvey. “If someone went on a shopping spree on your site using a stolen credit card, you would be directly liable – the bank would just take the money straight back out of your account if the original card holder complained.”
Mastercard and Visa introduced 3D Secure to protect merchants, explains Harvey, “but many of the US banks aren’t enrolled in the system – so the fraudsters just use US credit cards. The merchant isn’t directly liable because they’ve made an effort to verify the card, but they still lose out in the long run. If a site is a frequent fraud victim and the bank starts losing money, they may just shut down your merchant account entirely.”
PayGate has developed its PayProtector service to add an extra layer of protection for online businesses, says Harvey. “As a payment gateway provider we handle millions of transactions, and we’ve learned the markers and patterns of fraudulent activity. PayProtector will automatically block suspicious transactions before they’re even sent to the bank for processing. At some sites that are particularly attractive to fraudsters, we’re blocking 50% of all transactions.”
Detailed daily reports provide yet more protection: “Some transactions are not obviously fraudulent, but still flagged as medium-risk,” says Harvey. “The daily report gives the merchant a chance to do more investigations. If the card checks out, they can go ahead as normal; if there’s a problem, they have a chance to refund the transaction before they ship the goods.”
There are even stronger fraud protection systems available, says Harvey, “but they can be expensive to implement and often need several skilled staff to run. Very few businesses can afford that, especially in the early years. We’ve designed PayProtector to be quick, easy, effective and affordable.”
The system doesn’t work for all: Businesses who sell online vouchers, tickets and downloads are particularly vulnerable to credit card fraud. In these cases and in the long run, says Harvey, “the best protection is to know your customers. That means you need business processes that gather the information you need, and limit your exposure to new customers until they’ve established a track record. We work with our merchants to develop systems that will work for them.”