Fraud Awareness

The best defense against fraudsters? A well-educated merchant.

Cybercriminals are getting more sophisticated each day, accounting for millions of dollars in credit card theft via chargebacks every year. That's why it is imperative that you stay vigilant against potential credit card scams by employing the tips and best practices found on this page. Have a merchant account with us? You can also download our convenient Card Acceptance Guide.

Tips for accepting payments in person.

If possible, always swipe, tap, or dip a physical card. If you key in the card info you will incur higher fees and more chargebacks due to human error.

Clearly post your return policy and print it on the receipt so there is no ambiguity at the time of a return.

If you have a PIN pad, ask your customer if they'd like to run their card as a debit. Doing so will cut down on fees and enable safer transactions through PIN validation.

Accepting mail and telephone orders.

Obtain authorization for every sale and only ship to permanent addresses (avoid sending to P.O. boxes and hotel lobbies).
Send a copy of the sales draft and order form to the customer and be sure to maintain copies for your records.

Making an ecommerce sale.

Reject orders if every piece of information you asked for isn't provided.
Proceed with caution if there is a difference between the "bill to" and "ship to" address. Someone may just be sending a gift, but you may want to call them to confirm.

Other best practices for fighting credit card fraud.

Contacting the issuing bank to validate cards you believe may have been tampered with.
Batching daily to ensure lower interchange rates.
Requesting signatures and ensuring they match those on the cards.
Utilizing fraud prevention tools like CVC and CVC2 codes (Mastercard) and CVV codes (Visa, American Express, and Discover).
Using an Address Verification Service (AVS) to verify a cardholder's billing address against the card issuer's records during the authorization process.

PCI compliance 101.

We work tirelessly to help protect both your business and your customers from credit card scams and that includes helping you maintain PCI compliance. That said, while we update our solutions continuously to remedy any compliance issues, the responsibility for maintaining your PCI compliance ultimately rests with you.

The 12 basic requirements for PCI compliance are as follows:

	Install and maintain a firewall to protect cardholder data.
	Do not use vendor-supplied defaults for system passwords and other security parameters.
	Protect stored cardholder data.
	Encrypt transmission of cardholder data across open, public networks.
	Use and regularly update anti-virus software.
	Develop and maintain secure systems and applications.
	Restrict access to data by business need-to-know.
	Assign a unique ID to each person with computer access.
	Restrict physical access to cardholder data.
	Track and monitor all access to network resources and cardholder data.
	Regularly test security systems and processes.
	Maintain a policy that effectively addresses information security.

The very latest in encryption and tokenization.

The best way to protect data from credit fraud is a comprehensive approach that includes:

Certified, point-to-point encryption that encodes sensitive cardholder info before it goes into the authorization stage.
Military-grade tokenization that replaces customer account numbers with tokens or values that are meaningless to fraudsters.

At NAB, we've always operated on the forefront of the industry when it comes to encryption and tokenization, while reducing the time and costs associated with protecting cardholder data.

The EMV liability shift explained.

The adoption of EMV "chip cards" as the standard for card issuers and merchants is well underway. In fact, back on October 1, 2015, the liability for credit card fraud shifted from card issuers to whomever in the transaction process has the lesser technology. At NAB, we make it easy to protect your business from fraud by offering the widest possible range of up-to-the-minute EMV-ready solutions.

Protect your business and customers from credit card fraud.