Credit card fraud is still rampant in the US, even after US EMV liability shift convinced many merchants to purchase terminals to support chip cards. Marine, auto, and other high value parts dealers have long had a problem mitigating fraud risk with local and international parts.
- For card not present orders, require self-pay with cardholder authentication. Taking cards over the phone, and or requiring a credit card authorization form, will not protect against all forms of counterfeit card fraud. However, consumer authentication shifts liability back to the issuer; the issuer guarantees payment, and because it’s lower risk, dealers can qualify for lower interchange rates, the bulk of merchant fees. Online payment, ecommerce payment, and electronic bill presentment and payment are the 3 methods dealers can use to enable self-payment.
- For retail orders, EMV is mandatory. Not by regulation, but by necessity. If a chip card is presented, and merchant supports, they’re 100% protected from counterfeit card fraud, and sometimes lost or stolen cards; if not supported by the merchant, the merchant can be automatically charged back at the issuers discretion and there’s no dispute process for merchants.
- Check guarantee. Whether in person or via echeck, check guarantee services are only good if they don’t reject your checks later on. Surprisingly (or maybe not), some services seem to look for ways not to approve your claim, such as information is missing from checks. This can be avoided with technology that forces users to collect the right data, including for remote self-payers.
If all of the above are implemented, dealers are protected from virtually any type of credit card fraud. The following tips will help prevent other types of lost disputes, or serve as supporting documentation if not all the above are implemented.
- Get a signed sales order. This can reduce non-fraud claims related to disputes about what was expected. The sales order should clearly state what was sold, refund policy, and cancellation policy, or refer to another document that specifies the information, but is initialed acceptance on the sales order.
- Ship to cardholder billing address. If not possible, then get cardholder approval that states bill to and ship to address are different, and they’re approval.
- Require all communications to cardholder business email address if selling wholesale. Free email like gmail is not OK.
- Require cardholder respond from business email address approving transaction receipt. This is a strong document in the case of a dispute for “I didn’t approve it”, especially when a third party is picking up the part from the dealer.
- The marine, automotive and other distribution companies are hit particularly hard with non-qualified transaction penalties when shifting between retail, key entered, and online payments. It’s critical that transactions are presented properly not only to qualify for lower rates, but to protect against lost disputes that require specific evidence for each type of transaction.
Not related to security, but critical for interchange rate qualification, the bulk of credit card processing fees, all services (retail, MOTO, ecommerce) should support level III processing.
In summary, dealers need US EMV and cardholder authentication to maximize risk mitigation from credit card fraud. US EMV requires terminal certification, and gateway certification* to your merchant account provider. Cardholder authentication requires a payment gateway certified for the service. There are very few companies that meet all these requirements so if your credit card processing salesperson gives you a blank stare when you ask, it’s time to explore other options.
*A payment gateway certified for level III retail to your acquirer is required; countertop terminals are incapable of sending level III data.