NMRA welcomes guest blogger Georgio Stavakris, CPP, with Heartland Systems.
Don’t let fraudsters eat your lunch
It’s been a year since the U.S. migrated to EMV technology, and more than 1 million businesses now use EMV chip-embedded credit card readers. Unfortunately, criminals are taking full advantage of businesses that haven’t fully made the switch, leaving even small businesses vulnerable to costly chargebacks.
Restaurants have been plagued for years by counterfeit, stolen and cloned credit card activity, but it’s much more apparent now that liability for these fraudulent charges shifted to the party using the least secure technology – most often the merchant. Customers who may frequent your restaurant could have been using counterfeit cards for months without exposure, because the issuing bank was taking the loss. But now, your business, and livelihood, could be held liable. If you haven’t enabled EMV chip-reader technology in your restaurant, here are a few reasons you should do it before you serve up that next batch of sweet tea.
Criminals prefer magstripe
If a credit card does not have a physical EMV chip (magstripe only card), the data on the card may still be EMV. Here’s how.
When criminals purchase credit card numbers online, the data — regardless of whether it is magstripe only or EMV technology — is loaded on a standard magstripe counterfeit card and shipped to them. With more than 67 percent of U.S. credit cards now using EMV technology, odds are that the counterfeit magstripe card they received uses EMV data.
This is when having an EMV chip-embedded card reader at your business comes in handy. If the criminal swipes the counterfeit magstripe credit card housing EMV data on an EMV card reader, it will prompt them to use the chip reader. They won’t be able to use the card, because no actual chip exists. For this reason, fraudsters intentionally seek out non-EMV enabled businesses because the transaction process is not secure, and they can use the counterfeit magstripe card successfully, bringing unwanted chargebacks to your business.
The tab is on me
Although most restaurants don’t have to worry about professional thieves racking up thousands of dollars in fraudulent charges like retailers, these low-level fraudsters target restaurants and bars for a quick win. Whether it’s just a $50 dinner and drinks, a gift-card purchase or a college student picking up the beer tab for friends, restaurants and bars are low-risk targets for criminals because law enforcement generally does not assist with recouping such a relatively small loss. But these small one-off losses add up, potentially leaving more than just your ketchup bottles in the red.
College and university towns, large cities and major metropolitan areas are the most vulnerable, but credit card fraud can happen to businesses anywhere. The best defense for your restaurant against credit card fraud is to install EMV chip reader terminals as soon as possible. If that simply isn’t an option, here are a few additional tips you can use to protect your business.
- Verify the last four digits of the card number match the last four digits on the printed receipt
- Compare the signatures on the card and receipt
- Check cards for legitimate features like holograms, logos, CVV/CID/CVV2 and AVS verification, etc.
- Never rerun a card if it declines – for any reason.
Georgia Stavrakis is the senior director of loss prevention at Heartland Payment Systems.