Help protect against commercial credit card fraud

Read Time: 4 Min
Understanding the latest credit card fraud tactics and mitigation strategies can help merchants remain vigilant against fraud attempts.

Businesses face an ongoing fight against credit card fraud.

Innovative credit card security measures such as EMV (Europay, Mastercard, Visa) chip cards, one-time-use virtual credit cards, tokenization, and card encrypting point-of-sale (POS) terminals have conferred greater protections against the compromise of consumer information. Implementing these solutions has helped businesses reduce the risk of credit card fraud. However, mitigating fraud continues to be an ongoing battle.

How credit card fraud happens

Credit card data is often stolen through merchant compromise. For example, if a merchant’s terminal cannot read EMV chip cards, data transmitted by swiping a card is much easier for a bad actor to access, according to David Mussio, Commercial Credit Card Product Group Manager at Huntington.

Stolen data is sold to the highest bidder to create counterfeit cards or make online purchases. Since commercial cards often have high limits, this can be particularly devastating for companies.

Bad actors can also steal data from a merchant by exploiting human vulnerabilities through phishing attempts or business email compromise (BEC). An employee clicking a fraudulent link or opening an attachment in an email could download malware onto a company’s network, allowing an intruder to steal cardholder data.

“Smaller merchants often don’t have the bandwidth to recover financially from a data breach," says Stephanie Spencer, Treasury Management Product Manager at Huntington. “An event like this can be so damaging to a business that some merchants cannot recover.”

And even if a business is able to recover financially, the resulting damage to their brand’s reputation and operations can be devastating.

Select the right provider

Because protecting receivables is critical to a business, it’s important to choose a merchant services provider that offers the best possible solutions to help keep this information safe. “Selecting a strong provider within the industry is a must,” Spencer says. “Businesses need a provider that offers value-added services to help protect, prevent, and detect fraud.”

Huntington Merchant Services, for example, works with Fiserv to help keep merchants safe from fraud with products such as contactless payments, tokenization, and fraud scoring tools.

“And that can help keep our clients off the front page of the news,” she says.

When a business decides to accept credit card payments, they are responsible for keeping cardholder data safe. One method to better safeguard cardholder information is to follow the guidance of the Payment Card Industry (PCI) Data Security Standard and validate the merchant’s compliance. This includes a security questionnaire and a scan of the merchant’s network. Quarterly network scans can help identify system vulnerabilities. Once a vulnerability is found, it can then be resolved before a bad actor is able to exploit it.

On the payables side, Mussio also says it is critical to select a provider that has the tools to manage a business’s cardholders the way a business wants to—but it’s about more than just the product.

When choosing a card issuer, consider selecting one that will take the time to train you and help ensure you not only understand how to set limits but understand the data being generated to know who is transacting, where they are transacting, and what they are purchasing in order to help identify potential fraud.

“It shouldn’t just be, ‘Here’s your online access, go do your thing,” he says. “It’s vital to get detailed training so you can closely monitor how employees are using your company’s cards.”

Real-time tools

When it comes to commercial cards, Mussio says businesses can take full advantage of fraud mitigation tools with online applications and training to manage their commercial card program. These tools can be used to restrict where employee cardholders shop, how much can be spent, and when cards can be used. Companies can apply specific expense policies to individual cardholders, which will give program administrators a great deal of control and visibility.

“Employee misuse is always top of mind. Reporting tools allow businesses to monitor where transactions are taking place, who’s transacting, and when,” Mussio says. “That really helps them make sure that employees are transacting within the constraints of their policy.”

Virtual cards can provide an additional layer of protection. Typically, when you pay a vendor online, they not only have your credit card number, but also your expiration date, security code, and address. With a virtual credit card, a card number is randomly generated, and while it is associated with your actual credit card, the payee doesn’t have any associated cardholder information that could be used for fraudulent purposes.

Companies can also take advantage of fraud alerts by notifying cardholders in real time through text and email when a transaction looks high-risk, such as a transaction that doesn’t match the cardholder’s typical spend pattern.

Stay one step ahead of credit card fraud

Bad actors are constantly adjusting their tactics to undermine protections in place for commercial cards and merchant services, and despite all precautions, there will never be zero risk.

Paying attention to the latest fraud trends and understanding your bank’s protection services are crucial to mitigating risk. When you’re aware of the latest credit card fraud tactics, you and your employees can remain vigilant against fraud attempts and implement measures to help avoid them. Regular conversations with your Relationship Manager can help you stay on top of these trends.

Related Content

The information provided in this document is intended solely for general informational purposes and is provided with the understanding that neither Huntington, its affiliates nor any other party is engaging in rendering tax, financial, legal, technical or other professional advice or services or endorsing any third-party product or service. Any use of this information should be done only in consultation with a qualified and licensed professional who can take into account all relevant factors and desired outcomes in the context of the facts surrounding your particular circumstances. The information in this document was developed with reasonable care and attention. However, it is possible that some of the information is incomplete, incorrect, or inapplicable to particular circumstances or conditions. NEITHER HUNTINGTON NOR ITS AFFILIATES SHALL BE LIABLE FOR ANY DAMAGES, LOSSES, COSTS OR EXPENSES (DIRECT, CONSEQUENTIAL, SPECIAL, INDIRECT OR OTHERWISE) RESULTING FROM USING, RELYING ON OR ACTING UPON INFORMATION IN THIS DOCUMENT OR THIRD-PARTY RESOURCES IDENTIFIED IN THIS DOCUMENT EVEN IF HUNTINGTON AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF OR FORESEEN THE POSSIBILITY OF SUCH DAMAGES, LOSSES, COSTS OR EXPENSES.

Lending and leasing products and services, as well as certain other banking products and services, may require credit approval.