Are small transactions on my ecommerce site from stolen card testing ?

There are increasing reports of ecommerce businesses reporting small transactions online- usually for a couple of dollars. Consumers have reported similar transactions on their statements, for purchases not made by them. In both cases, they are tied to stolen credit card data.

Some credit card issuers have taken a very aggressive stance in identifying these types of transactions, including developing special algorithms, and are calling consumers to tell them about suspected fraud. Their cards are being replaced at no cost to consumers. Reports of these transaction types have been increasing since late December.

Are they related to the Heartland Payment Systems data breach? Some banks are automatically replacing all cards issued if they have a Heartland relationship. Specific tie-ins to the $1 and $2 transactions have not been made public yet, but the timing seems to match up.

RECOMMENDATIONS