It may not come as a surprise that the subject of payment risks, threats and security features are not on the list of retailers’ “top 10 most exhilarating reads”. But whilst it doesn’t pique the same sense of entrepreneurial excitement as learning about marketing, sales or shop design it is, for those who value keeping all their profits, still an important topic.
The Change In Payment Methods
The retail payment landscape has begun shifting at an exponential rate, with customers increasingly looking at ways to pay electronically in preference over physical cash, especially with the expansion in methods of making non-cash payments.
Alongside the rapid development of payment products, services, rules and technologies – the tools for perpetrating fraud and theft are also changing at alarming rates.
Every payment method, whether paper or digital, involves risk.
From a fraudulent risk of financial loss in the payment transaction which has materialised from deception; to the risk of an incomplete transaction because the payee does not have a legal claim on the payer; to operational risks of financial loss due to various types of human or technical errors that disrupt the clearing and settlement of a payment transaction; or even defective devices that hinder the completion of a transaction.
If you have a retail or ecommerce store you’re probably aware that fraud exists. If you currently have low levels of fraud, it can imply that:
1. Risk is low
2. Current actions of reducing fraud are effective
3. Or weaknesses haven’t yet been identified
High levels of fraud obviously demonstrate that payment risks are high and that action needs to be taken urgently.
Retail Payment Systems
It is reassuring to know that, despite these threats, many payment systems have security features built in to help keep potential fraud and operational risks at fairly low levels. The rising competition amongst payment system providers means retailers’ have benefited from the incentive for service providers to add security features to reduce these risks.
Risk-reducing attributes of a secure payment system, would largely fall under two main categories:
Insurance: an agreement between the two parties as to who will bear the loss when it occurs, e.g a merchant receiving a credit card payment is insured against the chance that the cardholder will not be able to pay the balance
Containment: is a comprehensive term for activities that tend to deter or stop a risk. In the case of fraud risk this could include, for example, swiping a credit card through a card reader to verify the validity of the card.
There are also additional prevention tactics you can employ in store to further alleviate payment risks:
Staff Training: training your staff to be more vigilant in looking out for potential thieves can save your business from theft or fraud. Some key ways to identify a likely thief are:
- Does the customer seem nervous or agitated? Actions such as nervous glances, showing unnatural or forced smiles, fidgeting or avoiding eye contact can indicate suspicious behaviour
- Are they trying to distract you? They may be overly friendly: inventing elaborate stories to force conversation and avoid suspicion, or they may be rude, trying to make you feel embarrassed about making checks.
- Customers making bulk or hasty purchases. The fraudster will ultimately be looking to make money. They probably don’t want the goods, they just want to sell them. So if they show no interest in what they’re buying, haven’t tried on the clothes, or are buying a seemingly unnecessarily amount of one item, it is suspicious.
- Is the customer buying small-value items while asking for maximum cash back?
- Although with chip and pin you don’t need to check the card, if you feel the customer is suspicious you can still perform checks. Look to see if the title on the card matches the gender of the person presenting it. Is the card number the same as the one printed on the receipt?
Keep your passwords and login details secure: you should keep passwords for online payment systems privy to minimal staff. Having too many staff members aware of your login details makes it harder to identify a potential culprit if something seems awry.
Stay vigilant with non Chip and Pin cards: almost all UK cards are Chip and PIN , so extra attentiveness should be taken when accepting cards that don’t have this feature. It’s important to know that not all overseas card issuers have yet upgraded their cards to Chip and PIN. If a card requires a signature, check the one the buyer writes matches the one on the back of the card.
How to respond: your staff should be trained on how to proceed if the card or customer fail any security checks – if something doesn’t seem quite right, retain the card, if safe to do so, and call the bank’s authorisation centre asking for a Code 10 authorisation. The bank will ask if the customer is still there and will tailor their questions around this. Then you’ll be asked questions to check the cards credibility, and if it’s a false alarm the banks won’t mind – better to be safe than sorry!
Having your staff properly trained, conducting regular checks and using an up-to-date payment system will help to alleviate payment risks, or at the very least make it much more difficult for fraud or theft to be committed against your business.