Credit card fraud has been an issue for consumers and businesses since the boom in credit card use in the 1980s. While a nuisance, pizzeria owners and other merchants were usually not held liable for accepting a stolen or fraudulent card. Instead, the card issuer (most often, the bank) was liable for fraudulent charges and would have to absorb the costs. However, times have changed. Since the introduction of EMV cards and the liability shift, which came into full effect in April 2018, it’s the business owners who need to learn ways to prevent credit card fraud to avoid footing the bill for fraudulent charges.
But I thought EMV was more secure? Well, yes. The reason the EMV card was designed and introduced was to increase security and prevent fraud. Since their introduction counterfeit credit card fraud dropped by as much as 75% from December 2015 to March 2018.
Why are businesses concerned about EMV liability? With traditional credit and debit cards the magnetic stripe stores and contain unchanging data. Whoever accesses that data gains the sensitive card and cardholder information necessary to make purchases. That makes traditional cards prime targets for counterfeiters, who convert stolen card data to cash. Unlike magnetic-stripe cards, every time an EMV card is used for payment, the card chip creates a unique transaction code that cannot be used again. But, herein lies the problem. Chip cards are useful for preventing card present fraud i.e. use of a payment card at a physical store. It does nothing to prevent online fraud. With liability now the responsibility of the business owner, the switch to EMV negatively impacts pizza delivery as businesses are exposed to fraudulent charge-backs because delivery orders are all done by manual entry (either over the phone or by the customer online).
How can businesses protect themselves? Precinct Pizza, a busy pizza restaurant with a large delivery component, noticed a huge increase in delivery fraud. With the fraudulent transactions not abating, they came up with their own solutions including POS improvements and staff awareness, to help tackle the problem, prevent fraud in the future and reduce potential charge-back payments.
If delivery is a sizable chunk of your business and you are concerned about fraudulent transactions, here are some things you should consider:
- Consider asking your POS company to have “New Customer” status printed on the delivery ticket: Printing the customer status on the delivery ticket will quickly let a driver know if the customer is new or returning. If the customer happens to be new and is paying by credit card, the delivery driver can ask to see an ID or the card to see if it matches the credit card that was used to order.
- Online credit card orders should require additional confirmation. Related to the customer lifetime orders, if a customer tries to pay online or over the phone using a credit but have a low, or no, purchase history, an additional step should be required to verify the card. You can ask the customer to confirm that when the delivery driver arrives that the card will be required to be produced for inspection. Knowing that this is coming may bring the fraud process to an immediate halt.
- Require security code and ZIP code authentication. For all orders, you should require the card holder to input the three-digit security code and ZIP code before finalizing the order. This adds another layer of security.
The food industry is increasingly targeted by fraudsters and while these features may not eliminate fraudulent credit card orders entirely, any pizzeria operator with a delivery component can benefit from these tweaks to protect themselves and their customers from falling victim to fraud.