Card testing fraud is a method of fraud that can fly under the radar of merchants. In this article, learn what card testing fraud is, and how it can be mitigated.
Card testing fraud is one of the forms of fraud that affects small businesses the most. Card testing, also referred to as card cracking, is when a criminal will make a small purchase on a stolen or purchased credit card number.
They may target a small ecommerce website and place several low-value orders within a short window of time. They might try doing this on one card, or on several different cards.
This practice helps the fraudster identify which cards will work for future fraudulent purchases. While these purchases typically only involve low-value orders, they have the potential to seriously impact a merchant's bottom line.
In this article, learn about the problems that card testing fraud can introduce, and how you can effectively prevent them from damaging your business.
Problems That Card Testing Fraud Can Cause
Let's start by taking a look at the challenges that card testing fraud can introduce for a merchant. These are the three most harmful effects that come with a card testing attack...
1. Lost Revenue and Inventory
The first and most obvious problem that card testing fraud can cause is lost revenue. While losing several low-value transactions may not seem detrimental, mass card testing can cause serious problems for a business.
Let's say that a fraudster wants to test 100 different credit card numbers that they recently purchased. They can order 100 low-value, small items which you'll then dutifully dispatch.
When the cardholder finds out what's happened, they will process a chargeback, which loses you revenue. Of course, getting back those products is also very difficult or impossible, so you've also lost 100 products from your inventory, which you'll need to replace at cost.
2. Increased Fees From Payment Processors
Having an excess of declines can be damaging to your business as well. Too many declines will raise red flags with your payment processors, resulting in your business being marked as "high risk". This can lead to increased transaction fees, and in some cases, losing access to certain payment providers.
3. Damaged Reputation
The actual cardholders who have fallen victim to credit card theft will often blame your business for the fraudulent transaction that show up on their bank statement. The defrauded customer may end up leaving a bad review for your business on Google or Yelp, damaging your company's reputation and deterring future customers from buying from you.
How Can Your In-House Team Prevent Card Testing?
There are several changes you can make to your internal fraud prevention processes that will help you identify and prevent card testing attempts. Here are three strategies that will improve your ability to effectively identify card testing attacks:
- Monitor low-value transactions — When you notice a series of low-value transactions, that's often an indicator that you're being targeted by a fraud attack. These orders can be placed on the same card, or on several different cards
- Monitor order volume and frequency — A sudden surge of orders doesn't always indicate that a fraud attack is occurring, but if you're noticing a high-volume of low value orders, that should raise a red flag. Similarly, if you see a surge of high-value orders within a short window of time, that will typically point to fraudulent activity
- Monitor international IP addresses — Card testing fraud attacks commonly originate from outside the United States. If you notice a series of suspicious transactions that are taking place outside the US, that's a good indicator that you've fallen victim to a card testing attack. Merchants will often change their payment gateway settings to block repeated orders that originate from the same IP address within a certain window of time
Preventing Card Testing Fraud with External Tools
If you're looking for a more complete solution to the problem of card testing fraud, you may consider investing in a fraud prevention platform that uses machine learning to identify fraudulent transactions.
Our advanced machine learning technology, combined with 25+ years of consortium data, allows the scale and speed that’s necessary to eliminate the threat of card testing fraud.
For more information, simply request a demo today and we can show you how our end-to-end solution will effectively remove the cost of fraud for your business.