What is payment fraud?
Payment fraud is a type of fraud whereby a criminal intentionally uses stolen or false information to make a purchase. An example might be using someone’s credit card to make a purchase without their permission.
Some businesses are more susceptible to payment fraud than others. Retail businesses, especially those who deal online, are particularly vulnerable due to the large number of transactions they deal with each day.
If a business doesn’t have effective payment fraud prevention processes in place, they may endure significant losses, fines or other legal liabilities, and a worsening reputation amongst customers. They may also suffer from operational disruption as they investigate the fraud.
Financial institutions, healthcare companies, and hospitality businesses are also susceptible to payment fraud.
What types of payment fraud exist?
There are many types of payment fraud. These include but are not limited to:
- Debit card fraud – a bad actor may use a stolen debit card to withdraw cash from an ATM or make a purchase;
- Credit card fraud – a bad actor may use a fake or stolen credit card to make a purchase;
- Bank fraud – this refers to any form of fraud that involves a bank. This might include illegally transferring funds from one account to another (bank transfer fraud) or using a stolen identity to open an account;
- Check fraud – a bad actor may use a stolen check book to make a purchase;
- Merchant fraud – a bad actor or organization pose as a legitimate company, thereby gaining access to payment information that is used for criminal purposes.
- Mobile payment fraud – a bad actor may use a stolen mobile phone to purchase products using a method like Google Pay or Apple Pay.
How does payment fraud occur?
Fraudsters have many methods to commit payment fraud. These include but are not limited to:
- Skimming – debit or credit card information can be stolen by installing a device on top of a payment processor or ATM. The card details and PIN number are recorded, which then allows for counterfeit cards to be created and used without the owners’ knowledge.
- Phishing – a bad actor may obtain information from an individual or organization by asking for vital account information while posing as a trusted source (such as bank employee). Phishing is often done via text, social media, phone, and email, and often include links to fake log-in or payment pages.
- Chargeback fraud – this occurs when a person or organization asks for a chargeback from their credit card provider claiming that a product was defective or faulty despite this not being true. In this instance, is often the retailer that has to pay a refund despite not being at fault. This may also occur during private transactions online (e.g. someone claiming a second-hand laptop doesn’t work).
- Identity theft – a bad actor commits identity theft by using somebody’s else information for nefarious purposes such as acquiring a credit card or taking out a loan, which they have no intention of paying back. Such instances can negatively affect the innocent person’s credit rating through no fault of their own until the fraud is discovered.
- Hacking – this refers to putting a virus or trojan software onto somebody’s computer. This malware can detect and save account information and passwords, which a bad actor can use to commit payment fraud.
How to protect against payment fraud?
Protecting against payment fraud is an ongoing process but thankfully there are many ways for enterprises to mitigate its impact.
These include having strong authentication measures (strong passwords, 2-factor authentication, etc.), using a secure payment processor, and using payment fraud prevention software like SymphonyAI.
Other measures include regular transaction monitoring, educating staff and customers on keeping their accounts secure, and by limiting access to important information to only those who need it.
