What protects buyers from fraud with contactless payments

Not so long ago, imprinters (hand-held card readers) were the norm at the box office. The buyer waited until the cashier with the help of this bulky device will remove the data on the card and place an order. Today we have contactless payments and it is much easier and faster to pay for purchases with them. But the new technology causes a lot of controversy.

The network posted a video on which a man with the help of a card terminal quietly wrote off funds from the card of an unsuspecting buyer. He placed the device close to the victim's pocket, and it fixed the proximity of the card and processed the payment. This video was the reason for a serious discussion in the payment field.

Contactless payment technologies use radio frequency identification, implemented in smartphones, watches and other compact devices that people always carry with them. In this regard, many who watched the video, were concerned about the possibility of fraud with the use of payment terminals. If intruders can use such a device to withdraw funds from a card hidden in a wallet in a back pocket, then surely it will be even easier with a phone or a watch. Card readers scan the radio space at a distance of 4 to 10 cm , so it is likely that someone will want to use technology to steal money from smartphone owners.

But, although cases of theft of funds are fixedPreviously, a wave of fraud using contactless technology does not threaten us. Merchants have already taken additional measures of protection.

Checking the reputation and other information about new merchants

Payment terminal providers, also known as merchant service providers (MSPs), often act as intermediaries between merchants and payment processing companies such as Visa and Mastercard. They require merchants to go through strict checks before they gain access to equipment and software for terminals.

Reception of merchant to the provider network is a long and thorough process. It includes at least a few, and ideally all of the steps listed:

1. Verification of the identity of business owners (data on business registration, personal documents).
   
2. Check account history, if any.
   
3. Analysis of the company (validation of the website, business models, operations).
   
4. Clarify whether the business follows the security rules of card networks.
   
5. Evaluation of the credit solvency of the business.
   

In the event of negligence or a serious violation, any party may incur legal liability, but, as a rule, it is borne by the issuing bank of the card or the merchant. Many merchant services provide equipment free of charge and in advance, and merchants pay for its cost through transactions. And in each case is checked. Without careful control, merchant services risk their reputation and can be brought to legal responsibility if they provide services to a fraudulent organization acting, for example, to launder money.

Merchant services also risk losing profits on each transaction returned to consumers if the merchant makes a mistake. Transaction fees are non-refundable, and this creates a tangible lucrative risk.

Ultimately, it becomes incredibly difficult for fraudulent businesses to get into this system.

Merchant services use a rigorous credit check process.

In addition to the approval of new customers, merchant services also strictly evaluate their creditworthiness, which provides more opportunities for identifying fraudsters. This procedure can be divided into three stages:

Source: Provenir

In the framework of the first stage (verification of client data), basic information confirming the identity of the applicant is analyzed. This includes the collection of certification and registration documents. Also taken into account are static data such as the location and address of the office, billing information. In addition, commercial history and blacklists are checked. And in e-commerce, search engines are used to detect malicious traffic.

At the second stage (credit check), the history of the company's business activity is checked: for example, how long they have been working in the industry. The information is verified with the merchant category code (MCC). It also estimates the volume of transactions, geographical coverage and credit rating of the company.

At the last, third step, the merchant service conducts a final check of all submitted documents.

Fraudsters will have to work hard to overcome all legal obstacles and procedures, given the number of tests and the amount of information collected. They will have to fabricate an entire business, and any of the steps described above can bring them out to clear water or cause serious suspicions.

IP trackers help detect fraudulent claims

No matter how strict the processes of receiving and checking merchants may be, there is always a percentage of violators who managed to outwit the system. To search for them, merchant services use IP trackers.

When a computer connects to a server, its IP address is known to the latter. The IP address tracker determines the geographical location and other information of the computer, which allows the merchant service to detect applications of fraudsters.

Trackers match information about the IP addresses of businesses applying. It is so easily discovered that a potential client connects from another country, while presenting himself as a merchant from Ohio. If an imposter tries to access the online merchant service portal, the IP tracker will immediately determine its location.

Also, modern software and machine learning allow you to determine whether previously used one or another sequence of data provided in other similar applications. The collected information is checked with the data on the withdrawn or suspicious accounts of merchants. Such analysis tools are increasingly distributed in the industry.

In addition to active assistance from merchants who monitor the security of contactless payments for their business, the industry is introducing new standards that reduce the risk of fraud. Most contactless payment systems have a limit on the amount of one transaction. And if someone manages to steal this amount of money from the client, most of the credit companies will operate under the contract on zero liability., involving the return of all stolen funds to the victim.

Despite the fact that the fraudulent video has disturbed the viewers, in reality, customers are well protected from such frauds.