How to Prevent Online Fraud: Knowledge is Power

How to Prevent Online Fraud

Fraud is a fact of online life. Every year there’s at least one new story about a major fraud ring or security breach that could affect anybody who shops, sells or does their banking on the internet. Although online fraud rises and falls from year to year, it will never disappear. The good news is that, with the technologies and security features available today, it’s not so difficult to operate a strong, secure business.

Quick Figures

  • In Europe, payment card fraud increased in 2012 for the first time in the previous five years.
  • In the UK, Europe’s leading online shopping economy, payment card fraud rose by 3%, but remains significantly lower than 2008 rates.
  • Within the Single Euro Payments Area, 0.038% of funds transacted by credit or debit card are lost to fraud, while within the UK the rate is 0.074%, nearly double.
  • Contrary to popular assumptions regarding high-risk countries, 66% of all online scams worldwide originate in the US, and over 10% originate in the UK.
  • Every year, one out of every four small businesses fall victim to some form of cybercrime.

Since it can be intimidating for a small business owner to know how to keep themselves and their customers safe, we’re here to help. The important thing is to remain vigilant and be aware of who your customers are and what types of transactions move through your web store. On the flip side, you also don’t want to go overboard with your security features by treating every customer like a criminal and risk driving them away.

Whether you have a brick-and-mortar business with an online component or it’s entirely e-commerce-based, here are a few guidelines you can follow to keep you and your customers from becoming targets of fraud:

  • Be in the Know

When doing business online, you need to be aware of the different types of fraud beyond the usual stolen payment cards and identity theft. For example, in pay-per-click fraud schemes, your ad is hacked so that when people click on it they are redirected to a phishing site andyou still getcharged for the click. Stay informed about the latest scams and techniques used by cybercriminals so you know what to be prepared for.

  • Know Your Customers

Enacting a good Know-Your-Customer policy can save you a lot of grief later down the line. It’s not worth the risk to do business with somebody if you haven’t confirmed their identity and that they genuinely exist. Use an address verification system to make sure the customer’s physical address is valid and keep records of all contact you have with customers. For more about Knowing-Your-Customer (KYC) click here.

  • Know Your Transactions

It’s vital to a have systems in place to identify potentially fraudulent transactions. Be vigilant about monitoring the types of transactions that go through your web store so that you can identify and flag unusual transactions (very large, out of character for the customer, originating from an unusual location, etc.) and put them through an extra layer of security.

  • Know Your Credit Cards

Most credit card fraud occurs during card-not-present transactions. When accepting credit card transactions, practice due diligence such as making sure the card’s country and issuing bank match the customer’s information and use additional layers of security such as MasterCard SecureCode and Verified by Visa.

  • Know Your Shipping Methods

Secure your shipping methods with postal insurance and tracking services, and use a courier that requires the recipient’s signature upon delivery. Don’t ship orders until the customer’s identity and address have been confirmed and the payment has been received.

  • Know Your Technologies

Fraudsters can infiltrate your web store through your network if your technologies aren’t up-to-date, allowing them to steal your customer information or install malicious software. Make sure your firewalls, anti-virus and anti-malware all have the latest rules and that your browsers and programs have the latest patches installed.

In addition to these guidelines, you should also maintain a good customer service presence. Often complaints from customers can make you aware of phishing sites or glitches in your system which could indicate malware or vulnerabilities much sooner than you might otherwise discover them.

How DalPay Helps to Prevent Online Fraud

At DalPay, we’re committed to online security. DalPay merchants are provided with all the tools they need to protect themselves and their customers from stolen cards and cyber shoplifters. We practice a strict Know-Your-Customer policy and always confirm your customer’s billing address through an Address Verification System (AVS) before shipping. If you have any suspicions about a specific order, we’re happy to perform a secondary screening at your request for no additional cost.

Finally, remember that we’re here for you. If you have any questions about the security of your business or your customers, please feel free to reach out to a member of our team.

Enter your email address to follow this blog and receive notifications of new posts by email.



The Importance of KYC for Security

Security: Know Your Customer

Know-your-customer or KYC is the practice of collecting data about your customer base for a variety of purposes beneficial to your business. Know-your-customer should be implemented as a company-wide policy and be considered in every decision you make, but at a basic level, KYC has two primary functions: marketing and security. Today we will be talking about KYC in Security. Click here to read our article about on KYC in Marketing.

KYC for Security

Knowing and understanding your targeted customers is the key overarching factor in how well your company is going to distinguish itself from its competitors. In online business, know-your-customer or KYC becomes doubly important. Knowing what to sell and who to sell it to is one thing, but when your business is conducted virtually rather than face-to-face, knowing your customer becomes a matter of security. Fraudsters lie in wait for a company that doesn’t take KYC seriously – if that turns out to be you, your business could be involved in fraud, identity theft, money laundering and terrorist financing without you even knowing it.

Electronic payment volumes grew at an unprecedented rate last year (see also: E-Commerce Growth Report 2014), and the reality is that cybercriminals see the industry as a cash cow. Because of this, KYC is about a lot more than just delivering a great, personalised service – it’s about operating a secure, ethical and sustainable business.

  • Security: In most jurisdictions there is a basic level of know-your-customer enforced by law. That is because, put simply, there is no more effective security measure than KYC. If you can confidently verify the identity of your customer then they cannot effectively conduct criminal activities using your product, service or platform. Cybercriminals needs to operate anonymously to effectively launder or steal funds, so forcing customers to verify their identity will keep fraudsters away.
  • Ethics: By failing to maintain adequate KYC controls, you are effectively turning a blind eye to any number of potential illicit activities such as identity theft and terrorist financing. Most importantly, any one flaw in your security practices puts not only you at risk, but also your business partners, banking partners and all of your legitimate, law-abiding customers. Allowing responsible KYC to fall by the wayside is unethical because it puts all of your loyal customers and associates into the line of fire.
  • Sustainability: Think you can cut corners? Put security on the backburner until you have more resources at your disposal? That’s a sure-fire way to drive your business into the ground. In the age of social media, word gets out faster than you could imagine. Any one bad apple among your customers can cause long-lasting reputational damage that you may never recover from. The only way to create a sustainable online business is to keep top-of-the-line security practices right from the beginning and to know every one of your customers.

At DalPay, we take a little extra time to get to know our customers. Our philosophy is that our customer is not just our client, but also the countries we do business with, our banking partners who make our business possible, and our employees who keep our business running. There are too many organisations in the online payments landscape that don’t share our holistic approach to KYC, and their lax attitude is harmful not just to themselves, but to everyone in the industry.

When a fraudster makes his way through a security system due to insufficient KYC practices and begins moving money around, he’s going to set off a red flag that begins a chain of reactions. Funds are frozen, payments are delayed and accounts are locked. That’s why a truly secure organisation is one that gets it right the first time every time.

When DalPay approves a client to become a direct merchant or a sub-merchant, that means the customer has gone through our rigorous KYC program.We have a clear picture of who they are and we’re certain that their business model and activities meet the requirements of our banking and country partners. Because of this, we’re confident that our merchants will never have their accounts locked, funds frozen or payments withheld.

KYC: The Essentials

There are countless know-your-customer methods practiced in the e-commerce industry, but there are four specific steps that a business must be willing and able to follow on a day-to-day basis to ensure a responsible level of security.

  1. Customer Acceptance Policy – The first step is to realise that you can’t accept every customer that comes your way. You need to develop clear and explicit criteria for who you do business with and perform due diligence to ensure that all of your customers are operating under their real name and are not associated with fraudulent or criminal activities.
  2. Customer Identification Procedures – Beyond customer acceptance, you need to develop and outline procedures for customer identification at every step of the relationship, from submitting personal information such as addresses and bank accounts to carrying out a transaction and shipping a product. Fraudsters often try to infiltrate existing, “verified” accounts and therefore you need to be able to confirm your customer’s identity at every interaction.
  3. Monitoring of Transactions – E-commerce is full of patterns and when something doesn’t fit in to those patterns then it might be a red flag. The third step in an effective KYC program is to be able to identify unusual and high-risk transactions, such as very large or complex transactions or those that operate contrary to the normal behaviour of your customer base. These transactions should be subjected to a higher level of scrutiny.
  4. Risk Management – An organisation’s risk level can never be reduced to zero and particularly in e-commerce there are risks around every corner, so no KYC program is complete without established risk management procedures. Internal audit and compliance functions as well as company-wide training programs should be in place to minimise the frequency of risky activities. Customer accounts and specific transaction types should be categorised by their risk level and put through the appropriate level of due diligence.

Don’t be one of those businesses with money launderers and terrorist financers operating right under your nose. Follow these four steps to allow your business to operate securely, ethically and sustainably while complying with established KYC regulations. By knowing your customer from the very beginning, you can greatly reduce your short and long-term risk levels and provide a safe and reliable product or service to your clientele.