• Get Started 855.833.3614 (M-F: 8 am – 9 pm, Sat: 9 am – 3 pm)
  • Request info
  • Support 800.430.7161 (24/7)

3 fraud and security threats for eCommerce businesses and how to minimize them

Selling online is one of the best ways for small businesses to cast a wide net and reach more customers—and they’re doing so in a big way. Our research shows that 51 percent of small businesses have their own website where consumers can order and make payments.1 Unfortunately for small business owners, online fraud is a growing concern, and the damage is staggering.

According to our 2019 Small Business Payment Spotlight, data breaches are extremely costly for small businesses. Twenty-one percent of small businesses we surveyed reported a data breach within the last two years, and of those, more than 40 percent reported spending greater than $50,000 to recover.

While these threats are understandably concerning, you can certainly protect your small business against them. Start by knowing the difference between data breaches and data fraud.

  • Data breaches typically occur when a criminal slips by a company's security measures and steals data, such as customer names and phone numbers, or more seriously, confidential credit or debit card information. As a merchant, you are at increased risk of a data breach on your site if you store payment data. 

  • Data fraud occurs when stolen card data is used without authorization to make purchases on your website. It can create costly chargebacks for you as a merchant. You are at risk of exposure to data fraud if you don't have fraud prevention tactics in place on your site.

To help you protect yourself, read how to guard against three common eCommerce fraud and security risks.


Encrypt and tokenize payment data to help reduce risk during a data breach.

To help stop data thieves in their tracks, use a secure payment gateway when you set up your eCommerce platform.

A payment gateway is akin to a cash register that is used for in-person transactions. Just like a cash register, a payment gateway needs to be safe and secure. A good payment gateway can wall off your eCommerce platform from online predators.

A secure payment gateway should encrypt and tokenize customer payment information. Here’s a snapshot of both data security tactics:
 

  • Encryption. When the payment card data is locked at the point of sale using an algorithm and can only be accessed using a secret key.

  • Tokenization. When sensitive cardholder data is removed from the merchant environment and replaced with a randomly generated token. This token can not be used by an unauthorized party to conduct fraudulent transactions.

Working together, data tokenization and encryption help reduce the impact of a data breach. Both tools let you process transactions while also protecting the payment data.


To help prevent costly chargebacks, verify billing and shipping information.

A chargeback occurs when a customer disputes a transaction and their card-issuing bank returns the funds in question to the customer. This is a great tool for consumers who have had their card data stolen. If they spot a charge on their credit card statement that they did not make, they can get a refund.

As a small business owner, if you fulfill an order that was placed with a stolen credit card, you may ultimately have to return the funds you received and are at risk of losing the product you shipped. One way to help avoid accepting fraudulent transactions is through address verification.

  • Address Verification. When criminals use stolen credit cards to make purchases, they usually ship the purchased goods to addresses that are not affiliated with the rightful cardholder. Address verification automatically cross-references the address used by the customer during the transaction with the address linked to that consumer’s credit card account. If there are any discrepancies, the transaction can be flagged or blocked. Most eCommerce gateways come with address verification built in. To check that address verification is set up within your gateway, be sure to login and review your security settings.

Chargeback fraud occurs when a customer disputes a transaction they did actually make. In other words, they order something, pay for it, you ship it, and then they dispute the charge after they received the product. This can also cause your business to lose the payment as well as the merchandise. One important step for protecting yourself from chargeback fraud is documenting and storing all shipping details.
 

  • Document and store shipping information. By having all information about orders you’ve shipped in one central place that’s easy to access, it’s easier for you to combat and resolve chargeback fraud. This information can help you respond to a dispute with clear information on what you shipped, when you shipped it and when it was delivered, among other valuable data points.

To guard against suspicious charges, continuously monitor transactions on your site.

More general eCommerce fraud is any malicious activity that occurs online, and it’s a threat that is always evolving. To help protect your business from data fraud, leverage fraud management tools found within your payment gateway. You can set up filters that “catch” or flag suspicious transactions.

For example, most gateways let you limit the number of transactions allowed per day or per hour to identify high-volume fraud. You can also block activity based on IP address, region or transaction velocity (the number of transactions initiated at a given computer at one time). You can also validate credit card information before processing customer transactions.

We know how important it is to protect your business from cyber criminals. The more informed you are about payment security, the more protected your business can be.


Get Started

Call us

855.833.3614

Chat with us

Support

Call Us

800.430.7161