• Developers
  • Reporting
  • Disputes
  • Contact us
  • Log in

Main Navigation

  • Account

      Account

        • Customer docs & pricing

          Find important documents such as our Terms of Service and Merchant Operating Instructions, as well as more information on things like Stored Credential Transactions and the Account Updater Service

        • Compliance & security

          For more information on Strong Customer Authentication, PCI Compliance, and fraud prevention best practices

        • Stationery ordering

          Order your tally rolls, card scheme logo stickers, and more

        • FAQs

          Our FAQs can help you with queries including pricing changes, cleaning and restarting your terminals, and Multi-Factor Authentication

  • Products

      Products

        • POS help
        • Ecommerce help
        • Bank Payment
  • Insights
  • Trending Articles
Sign up
Search

Main Navigation

  • Account
      Account

      Account

    • Customer docs & pricing
    • Compliance & security
    • Stationery ordering
    • FAQs
  • Products
      Products

      Products

    • POS help
    • Ecommerce help
    • Bank Payment
  • Insights
  • Trending Articles
    • Developers
    • Reporting
    • Disputes
    • Contact us
    • Log in
    Sign up /en-gb/sitecore/content/gpn/corporate/corporate/home/modals/signup-homepage

Sidebar Navigation

  • Account -
    • FAQs +
      • Pricing frequently asked questions +
      • PCI Frequently asked questions +
      • Best practice for cleaning your POS device(s) +
      • Terminal restart guide +
      • CNP FAQs - resubmitting declined transactions +
      • Multi-Factor Authentication for Global Payments Ecommerce Portal +
      • Ecommerce FAQs +
      • Bank Payment FAQs +
      • Your invoice explained +
      • How do I make a complaint +
    • Customer Docs & Pricing +
      • Terms of Service +
      • Merchant Operating Instructions +
      • Interchange fee update +
      • Recovered card form +
      • Mastercard and Visa Interchange rates +
      • Merchant Data Processing Notice +
      • Enhanced Authorisation Data Service merchant implementation guide +
      • Stored Credential Guide +
      • SCT Technical Implementation Guide +
      • SCT Decision Tree +
      • Account Updater Service +
      • Account Updater migration to UK Ensurebill +
    • Compliance & Security -
      • Ecommerce fraud management +
      • Know the risks +
      • Online Card Not Present Best Practices +
      • Fraud Hints and Tips Guide +
      • Reducing Risk of Fraud Guide -
      • Guide to Patching +
      • Know the risks +
      • What To Do If You're Compromised +
      • PCI Frequently asked questions +
      • SCA +
        • One-off payments without saving card details
        • One-click payments without saving card details
        • Card saved for recurring, automatic payments
        • Payment over the phone (MO/TO)
        • What Do I Need to Do to Be SCA Compliant?
        • PSD2 and SCA Technical Information Guide
        • Strong Customer Authentication Decision Tree
        • How to use the Strong Customer Authentication (SCA) Authentication Outage Indicator
    • Stationery ordering +
    • How do I understand my invoice? +
  • Products +
    • Point of Sale Help +
      • Quick Start Guide Miura M10 Device +
      • Quickstart Guide Miura M20 Device +
    • Ecommerce Help +
      • Transaction management +
      • Customer management +
      • Fraud Management +
      • Resetting your password +
      • Virtual Terminal +
      • Ecommerce portal navigation +
      • User Management +
      • Transaction reporting +
      • Ecommerce FAQs +
    • Bank Payment +
      • Bank Payment FAQs +
      • Bank Payment sales sheet +
  1. Home
  2. Account
  3. Compliance & Security
  4. Reducing Risk of Fraud Guide
Last updated 01/25/2023
2 Min Read Time

Reducing Risk of Fraud Guide

Reducing the risk of card not present fraud 

Many businesses accept Card Not Present (CNP) transactions on a daily basis, either over the phone or via a website. In the majority of cases, there are no problems with these orders, but there’s an increased risk when accepting CNP transactions as there isn’t a 100% guarantee that the person placing the order is the genuine cardholder. You also have less protection than you’d have if you were processing transactions via Chip and PIN, as your business will be financially liable if a transaction is later reported as fraudulent. To help reduce the chances of your business being targeted by fraudsters, there are a number of checks that should always be made: 

1. Address Verification Service (AVS) check 

This checks the property number and the numeric part of the post code against the card issuer’s records. This works for UK issued cards, but non-UK card issuers may or may not perform this check. If this check isn’t verified, this may be a sign that the card being used isn’t from the UK and the order may be fraudulent. 

2. CV2 check 

The CV2 number (sometimes called the CVV number or security code) is the three-digit number printed on the back of a credit or debit card. If the CV2 check fails, this is a clear sign that the customer may be using compromised card details. However, if the check does pass, this is still not a guarantee that you’re dealing with the genuine cardholder. 

The results of these two checks will be printed on the terminal receipt when you carry out a CNP transaction, so check the terminal’s user guide for information on how this information should be displayed. If you don’t have a user guide, they can often be found online by searching for the model of the terminal. 

3. Use of multiple cards and declined attempts 

Fraudsters often buy batches of compromised card details and will try each set of card details until they can get one to work. If you’re seeing multiple declines when trying to process a transaction, you should be careful about proceeding with the order. 

4. Non-UK issued cards being used for orders to be delivered to a UK address

A lot of CNP fraud is committed using non-UK issued cards for goods that are to be delivered to addresses in the UK. If you’re taking orders online, or using a virtual terminal, many card processors can flag up orders like these, so make sure this check is set up. For other terminal types, one sign that the card isn’t issued in the UK is that the AVS check doesn’t pass. If your system allows you to view the first six or eight digits of a card number (known as the Bank Identification Number, or BIN), you can check where a card was issued on various websites by searching for ‘BIN list lookup’. 

5. Pick-up fraud scam 

This is one of the most common fraud scams we see. A new customer places an order for goods over the phone and says that they, or a courier/taxi, will pick the goods up. The fraudster may have the correct name and address details of the genuine cardholder, so things like the AVS check may pass. Sometimes, we see cases where a fraudster is prepared to travel a considerable distance to purchase goods that they could easily get closer to home, so be careful with orders like these. As the goods are being picked up there’s also no way to confirm where they’re actually going, so if you’re in doubt, ask the customer to bring their card with them and do the transaction as Chip and PIN. If an order’s being picked up by a courier, ask them to only deliver to the specified address. 

6. Ordering and delivery 

  • Take care when you’re given an alternative delivery address, particularly if it’s in a totally different location to the billing address. Some merchants have successfully prevented fraud by contacting the person at the billing address before sending out orders, so this may be worth considering 
  • Be careful if a customer wants you to send out the goods very urgently and is prepared to pay delivery costs that are very high compared to the value of the goods, or if they repeatedly contact you to chase up their order. They may well be trying to have the goods delivered before the card is cancelled and you’re alerted to the fraud. 
  • Use websites such as 192.com, yell.com, Google and Streetview to verify customers and delivery addresses. For example, if you’re being asked to deliver goods to a business, then be careful if the address they give you is for a residential property. Businesses can also be checked to make sure they actually exist. If possible, you should also ask for a landline number instead of a mobile number, especially for business customers. 
  • Some merchants, who deal mainly with other businesses, have avoided being targeted by fraudsters by asking new customers to pay for orders by bank transfer or cheque and only offering to accept card payments from them once a business relationship has been established over time. 
  • If you’re taking orders via a website, we strongly recommend that you have 3D Secure 2 (Verified by Visa and Mastercard Securecode) in place. In the majority of cases, the liability for any fraudulent transactions will then be switched from your business to the card issuer. 

For further advice on what to do if you believe your business is being targeted by a fraudster, you can call our Fraud Team on 0116 252 4984*, or email them at fraud.risk@globalpay.com. If you’ve been a victim of fraud, you should report it to the Police via the national website: actionfraud.police.uk. 

*Lines are open from 9am to 5pm, Monday to Friday, except public holidays. If you have a speech or hearing impairment, you can call us using the Relay Service by dialling 18001 followed by 0116 252 4984* Calls may be recorded. To help us continually improve on our service and in the interests of security, we may monitor and/or record your telephone calls with us. Any recordings remain our sole property. 

  • Account
  • Products
  • Customer Docs & Pricing
  • Compliance & Security
  • Industry news
  • Trending articles
  • Notices and Policies
  • Sitemap

Already a customer?

Log in

Connect

  • LinkedIn
  • Twitter
  • Facebook
  • YouTube
{D6036E8F-C9A1-420D-AEC3-5680EC9FBE35}
 

Global Payments is a trading name of GPUK LLP. GPUK LLP is authorised by the Financial Conduct Authority under the Payment Services Regulations 2017 (504290) for the provision of payment services and under the Consumer Credit Act (714439) for the undertaking of terminal rental agreements. GPUK LLP is a limited liability partnership registered in England with company number OC337146. Registered Office: Granite House, Granite Way, Syston, Leicester, LE7 1PL. The members are Global Payments U.K. Limited and Global Payments U.K. 2 Limited. Service of any documents relating to the business will be effective if served at the Registered Office.

Global Payments is also a trading name of Pay and Shop Limited. Pay and Shop Limited is a limited company registered in Ireland with company number 324929. Registered Office: The Observatory, 7-11 Sir John Rogerson's Quay, Dublin 2, Ireland. Service of any documents relating to the business will be effective if served at the Registered Office.

© 2023 GPUK LLP. All rights reserved. Privacy Statement | Terms of Use  | Ethics Reporting Hotline | Gender Pay Report  | Anti Slavery Statement