Why Fraud Prevention Matters
UK businesses lose over £700 million annually to card fraud. The costs include:
- Chargeback fees: £15-30 per incident
- Lost goods/services: You don't get the product back
- Processing account restrictions: Too many chargebacks = account suspension
- Reputation damage: Customer disputes affect your business image
- Higher processing rates: High-risk merchants pay 2-3x more
⚠️ Critical Threshold: If chargebacks exceed 1% of transactions, payment providers may suspend your account or dramatically increase your rates.
1. Physical Card-Present Security
Always Use Chip & PIN
Never accept signature-only payments unless the customer's card has no chip (rare). Chip & PIN shifts liability to the bank.
Check Card Matches Terminal Display
Verify the last 4 digits shown on the terminal match the physical card. Simple but effective fraud deterrent.
Inspect Card for Tampering
Look for: peeling labels, mismatched names, unusual thickness, or hologram irregularities.
Verify ID for Large Transactions
For purchases over £100-200 (set your own threshold), politely request ID. Check name matches card.
Be Wary of Multiple Declined Cards
If a customer tries 2-3 different cards that all decline, this is a red flag. Politely suggest they check with their bank.
Monitor Unusual Purchasing Patterns
Red flags: Large quantities of same item, expensive items purchased quickly, customer seems unfamiliar with product.
💡 Staff Training Tip: Train staff to politely say: "For your security, I just need to verify the last 4 digits match..." Most genuine customers appreciate the security.
2. Card-Not-Present (Online/Phone) Security
Use 3D Secure (3DS2)
Implement 3D Secure authentication for online payments. Liability shifts to the bank once the customer authenticates.
Require CVV/CVC Code
Always request the 3-digit security code. Never store CVV codes (it's illegal).
Verify Billing Address (AVS)
Use Address Verification Service. Match postcode and house number against card issuer's records.
Check IP Address Location
If the billing address is in the UK but the IP address is in Nigeria, investigate further. Use geolocation tools.
Verify Phone Number
Call the customer to confirm the order for high-value items. Fraudsters often use fake numbers.
Email Verification
Check if email address looks legitimate. Fraudsters often use free email services with random characters.
Delivery Address Scrutiny
Red flags: PO boxes, freight forwarders, delivery to hotel, different from billing address.
⚠️ High-Risk Orders:
- First-time customer with large order
- Rush shipping requested
- Multiple items of same high-value product
- Delivery address doesn't match billing
- Customer reluctant to provide information
If an order shows 2 or more red flags, delay fulfillment and verify identity.
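The red-flag rule above can be applied automatically before an order is released for fulfillment. The following is an added example, not code from the original guide: it counts the five high-risk indicators plus the IP-location and delivery-address checks from this section. The `Order` fields, the £200 "large order" threshold, the keyword list and the sample orders are assumptions made for illustration.

```python
from dataclasses import dataclass

LARGE_ORDER_GBP = 200.0   # assumption: pick your own "large order" threshold
HOLD_AT = 2               # the guide's rule: 2+ red flags -> delay and verify
RISKY_DELIVERY = ("po box", "freight forward", "hotel")  # constructed keyword list


@dataclass
class Order:
    first_time_customer: bool
    total_gbp: float
    rush_shipping: bool
    max_qty_high_value: int      # largest quantity of one high-value product
    billing_postcode: str
    delivery_postcode: str
    delivery_address: str
    billing_country: str         # ISO code from the billing address
    ip_country: str              # ISO code from your geolocation lookup
    withheld_info: bool = False  # customer reluctant to provide information


def norm_postcode(postcode: str) -> str:
    """Normalise a postcode so 'ls1 4ap' and 'LS14AP' compare equal."""
    return postcode.replace(" ", "").upper()


def red_flags(o: Order) -> list[str]:
    checks = [
        (o.first_time_customer and o.total_gbp >= LARGE_ORDER_GBP,
         "first-time customer with large order"),
        (o.rush_shipping, "rush shipping requested"),
        (o.max_qty_high_value > 1, "multiple items of same high-value product"),
        (norm_postcode(o.billing_postcode) != norm_postcode(o.delivery_postcode),
         "delivery address doesn't match billing"),
        (o.withheld_info, "customer reluctant to provide information"),
        (o.billing_country != o.ip_country, "IP location differs from billing country"),
        (any(k in o.delivery_address.lower() for k in RISKY_DELIVERY),
         "delivery to PO box, freight forwarder or hotel"),
    ]
    return [label for hit, label in checks if hit]


def decide(o: Order) -> tuple[str, list[str]]:
    """Return the action plus the flags that triggered it, for the order notes."""
    flags = red_flags(o)
    return ("hold_and_verify" if len(flags) >= HOLD_AT else "fulfil"), flags


# Constructed sample orders
REGULAR = Order(False, 45.0, False, 1, "LS1 4AP", "ls14ap", "12 Mill Lane, Leeds", "GB", "GB")
RISKY = Order(True, 1800.0, True, 3, "LS1 4AP", "E1 6AN",
              "Room 214, Example Hotel, London", "GB", "GB")
```

Storing the returned flag list with the order gives you a record of why it was held if a dispute follows.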
3. PCI DSS Compliance
Complete Annual PCI Questionnaire
Required for all merchants. Complete SAQ-A (for most small businesses) annually.
Never Store Full Card Numbers
It's illegal and unnecessary. Use tokenization if you need to store payment methods.
Never Write Down Card Details
Train staff: NEVER write full card numbers on paper, even temporarily.
Secure WiFi Network
Use WPA3 encryption. Separate guest WiFi from business network. Change default router passwords.
Keep Software Updated
Update terminals, EPOS systems, and computers regularly. Enable automatic updates where possible.
Use Strong Passwords
Minimum 12 characters, mix of letters/numbers/symbols. Change every 90 days. Never share passwords.
4. Chargeback Prevention
Clear Business Descriptor
Ensure your business name on the customer's bank statement is recognizable. "ABC Ltd" might cause confusion - use your trading name.
Provide Contact Information
Display phone number prominently on website, receipts, and statements. Makes it easy for customers to reach you before disputing.
Clear Refund Policy
Display refund policy at checkout (online and in-store). Get customer to acknowledge policy for high-value items.
Send Order Confirmations
Email confirmation immediately after purchase with: order details, amount charged, contact information.
Provide Tracking Information
For shipped goods, always use tracked delivery. Email tracking number to customer.
Keep Detailed Records
Retain: receipts, delivery confirmations, customer communications, proof of service. Keep for minimum 18 months.
Respond to Disputes Quickly
You typically have 7-14 days to respond to chargebacks. Respond within 48 hours with all evidence.
💡 Chargeback Evidence Kit: For every transaction over £100, save: receipt/invoice, delivery confirmation, customer correspondence, product description, terms & conditions acknowledgment.
5. Staff Training
Fraud Awareness Training
Train all staff on fraud indicators. 30-minute session quarterly.
Create Fraud Response Protocol
Document: Who to contact if fraud suspected, how to decline suspicious transactions politely, when to call police.
Empower Staff to Decline
Give staff authority to refuse suspicious transactions. Back them up when they do.
Regular Security Reviews
Monthly 5-minute team huddle: Review any fraud attempts, remind team of key security practices.
6. Technology Solutions
| Solution | Cost | Best For |
|---|---|---|
| 3D Secure 2.0 | Usually included | All online businesses |
| Address Verification (AVS) | Included with most providers | Phone/online orders |
| Fraud Detection Tools | £20-100/month | High-volume e-commerce |
| Tokenization | Usually included | Recurring payments |
| Velocity Checks | Included with gateway | Preventing multiple rapid transactions |
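A velocity check of the kind listed in the table, tuned to the "multiple declined cards" red flag from section 1, can also be run over your own transaction export. The following is an added example, not code from the original guide or from any gateway: the 10-minute window, the limit of 2 distinct declined cards, the log layout and the sample rows are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(minutes=10)   # assumption: how far back to look
DECLINED_CARD_LIMIT = 2          # assumption: distinct declined cards that raise an alert

# Constructed sample: (timestamp, session or terminal key, card last 4, result)
LOG = [
    ("2024-05-03T10:00:05", "sess-a", "4242", "APPROVED"),
    ("2024-05-03T10:01:10", "sess-b", "1881", "DECLINED"),
    ("2024-05-03T10:02:30", "sess-b", "0005", "DECLINED"),
    ("2024-05-03T10:03:02", "sess-b", "9424", "DECLINED"),
    ("2024-05-03T10:04:00", "sess-c", "1117", "DECLINED"),
    ("2024-05-03T10:04:40", "sess-c", "1117", "DECLINED"),  # same card retried
    ("2024-05-03T10:30:00", "sess-c", "3220", "DECLINED"),  # outside the window
]


def velocity_alerts(events):
    """Map each key to the distinct declined cards seen within WINDOW."""
    recent = defaultdict(deque)   # key -> declines still inside the window
    alerts = {}
    for stamp, key, last4, result in sorted(events):
        if result != "DECLINED":
            continue
        now = datetime.fromisoformat(stamp)
        window = recent[key]
        window.append((now, last4))
        while now - window[0][0] > WINDOW:   # drop declines that have aged out
            window.popleft()
        cards = sorted({card for _, card in window})
        if len(cards) >= DECLINED_CARD_LIMIT:
            alerts[key] = cards              # keep the latest, largest set
    return alerts


if __name__ == "__main__":
    for key, cards in velocity_alerts(LOG).items():
        print(f"{key}: {len(cards)} different cards declined: {cards}")
```

Only the last 4 digits are kept per row, so the export itself holds no full card numbers. A retry of the same card does not count as a second card.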
What to Do If You Suspect Fraud
- Don't complete the transaction - Politely decline or delay
- Don't confront the customer - Never accuse directly
- Gather information - Note: card details (last 4 digits), transaction amount, time, customer description
- Contact your provider - Report suspicious activity immediately
- Report to Action Fraud - UK's national fraud reporting center: 0300 123 2040
- Document everything - Keep records of the incident
⚠️ If You've Been Defrauded:
- Report to your payment provider immediately
- Report to Action Fraud (actionfraud.police.uk)
- Review your security procedures
- Train staff on the incident (what to watch for)
- Consider additional fraud prevention tools
Monthly Security Checklist
- Review chargeback reports - Look for patterns or increases
- Check for unusual transaction patterns - Spikes in refunds, high-value orders
- Update software and terminals - Check for available updates
- Review staff compliance - Are security procedures being followed?
- Test fraud detection - Try a test order with mismatched address
💡 Remember: Prevention is cheaper than recovery. A £50/month fraud prevention tool is better than one £5,000 fraud loss.