Costados Merchant Information Costados Merchant Information Costados Merchant Information

Costados KnowledgeBase: Secure Transaction Tips

Sales Practices to Avoid...

  • Re-Keying Electronic Transactions:
    Once a transaction has received an electronic authorization, never delete the transaction and re-key it. This will cause the transaction to be downgraded and will significantly increase your discount rate for that transaction, plus your ability to respond to a chargeback will be diminished.
  • Using Made Up Authorization Codes:
    When an authorization attempt is responded to by a Decline or a Referral, do not make up an authorization code and enter it for that purchase. Transactions with made up authorization codes will receive the highest discount rate and will have no chargeback defense. That means that if an authorization code is made up and the cardholder disputes the charge, the amount of the transaction will be returned. That is a high price to pay for not calling the authorization center.
  • Settling Transactions Late:
    With credit card transactions, timely settlement of the transactions is necessary to ensure the lowest discount rates. If you put off settlement, you may end up paying more.
  • Having Illegible Sales Drafts:
    When customers don't recognize transactions on their monthly credit card statements, they will call their Card Issuer and request a copy of the sales draft in question. This means that the original or a copy of the original sales draft must first be retrieved from wherever it is stored, either at your establishment, a central merchant location such as your corporate headquarters, your processor, or the merchant financial institution with which you have your credit card merchant agreement. The sales draft must then be photocopied and/or scanned and the copy mailed or electronically sent via your merchant financial institution or processor to the Card Issuer for the cardholder. In most cases, the cardholder will recognize the transaction in question from the copy of the sales draft and that will be the end of it. However... if the printing on the original sales draft is too light, too small, or on colored paper, the draft may not copy or scan legibly. Since an illegible copy of a sales draft defeats the purpose of the copy request, the transaction may be returned to you as a chargeback for being an illegible copy. And, unless the legibility of the sales draft can be improved, you may end up taking a loss on that transaction.


Ensure Legible Sales Drafts...

As the owner or manager of your business, you are in the best position to help your company avoid a costly problem. You can improve customer service and profitability simply by making sure your sales drafts are legible. The following tips will help:

  • Tips for Marketing Staff:
    Your company name, logo, or marketing message printed across the face of the sales drafts can make copies illegible. Position all printing away from transaction information areas.
  • Tips for Administrative Staff:
    Copy from microfilm at the original draft size. If your establishment stores sales drafts on microfilm, make copies from the microfilm at the same size as the original sales draft, reduced images result in blurred and illegible copies.
  • Tips for Point-of-Sale Staff:
  1. Change the printer ribbon regularly. Faded, barely visible ink on sales drafts is the number one cause of illegible sales draft copies. Make sure the ribbon is printing clear and dark on every sales draft. Check ribbon legibility on all printers daily.
  2. Change the printer paper when the coloured streak first appears. The coloured streak down the center or the edges of printer paper indicates the end of the paper roll. It can also diminish the legibility of the transaction information. Change the printer paper as soon as this warning streak appears.
  3. Keep the white copy of the sales draft receipt and give customers the coloured copy. The colour won't matter to your customers, and since coloured paper does not copy as clearly as white paper, it often results in illegible copies.
  4. Handle carbonless paper and carbon or silver-backed paper carefully. Silver-backed paper appears black when copied. Any pressure on carbonless and carbon-backed paper during handling and storage causes black blotches, making any copies illegible. Handle this type of paper with care.


Use Your Terminal Properly...

Work to reduce the number of key-entered transactions. The following steps should help. These types of transactions tend to have higher decline rates as well as a higher incidence of fraud, copy requests, and chargebacks. Not to mention they will cost you more in discount rates.

  1. Train associates, on a regular basis, to swipe a card properly.
  2. Develop a cash register prompt to remind associates to imprint the draft.
  3. Implement a cash register change that does not allow the manual entry of an account number unless the magnetic stripe reader has been activated.
  4. Require management approval of all key-entered transactions.
  5. Look at the credit card security features more closely.
  6. Check the magnetic stripe readers regularly at each cash register to be sure they are operating properly.
  7. Clean your magnetic stripe reader heads several times a year, it only takes a few seconds and will help ensure continued good reader operation.
  8. Remove any obstructions that could prevent a card from being swiped straight through the reader in one easy movement.
  9. Keep the point-of-sale area clear of any items that could damage the magnetic stripe readers.
  10. Place pads that deactivate magnetic anti-theft devices where cardholders can't place their cards on them. These pads can erase the card's magnetic stripe.
  11. Calculate the percentage of key-entered transactions compared to total transactions for each terminal. These ratings can be very revealing, pinpointing which stores, which readers, and even which sales associates have high key-entered transaction rates.

    The Calculation: Divide the number of key-entered transactions by the total number of transactions for each terminal. Perform this calculation for each sales shift to determine the "rate per sales associate." Monitor the rates for key-entered transactions and watch for significant increases in the rates. A jump in the rate could indicate a problem with a terminal or the need for additional sales staff training.


Watch Out For Suspicious Behaviour...

To control fraud, learn to recognize the warning signs. Be alert for transactions with these characteristics:

  1. First time shoppers. Criminals usually hit a merchant once and don't return.
  2. Larger-than-usual orders. Because they may be using stolen cards or bogus account numbers that have a limited life span, crooks need to maximize the size of their fraudulent purchases.
  3. Orders with several of the same item. If these items are intended for resale, having more of them increases the criminal's profits.
  4. Orders made up of exclusively big-ticket items. These items have a high resale value and therefore maximum profit potential.
  5. Orders shipped "rush" or "overnight." Crooks want these items in their hands as soon as possible for the quickest possible resale and aren't concerned about extra delivery charges.
  6. Orders from people who use free e-mail services. For these services, there's no billing relationship and often no trail or verification that a legitimate cardholder has opened the account.
  7. Orders shipped to international addresses. A significant number of fraudulent transactions are shipped to bogus cardholders outside of your home country to avoid criminal prosecution.
  8. Transactions with similar account numbers. This is particularly popular among criminals who are using account numbers generated by a CreditMaster-type scheme.
  9. Orders shipped to a single address but made on multiple cards. This is likely a scheme based on CreditMaster-generated account numbers or a batch of stolen cards.
  10. Multiple transactions on one card over a very short period of time. Sometimes this is an attempt to deplete a card until the account is closed.
  11. Remember, none of these signs by itself means you're being scammed, but several of them might. Check everything. Never ship a valuable order unless it checks out and you've received a valid authorization.


Conduct Online Transactions Safely...

Many online transactions are now protected by SSL, which is short for Secure Sockets Layer.

  • SSL provides privacy protection by encrypting the channel of communication between you and the consumer. Using a mathematical formula, SSL puts the information you exchange into a complex code. Think of it as a kind of armor over the information. Even if intercepted, your data would be extremely difficult to read.
  • SSL helps the consumer's browser automatically scramble his private information, such as a credit card number, before it gets sent to the merchant. After that, SSL only allows the merchant's software to unscramble this data. Through SSL, you and your customers can complete transactions with the confidence that no one else can read, change, or corrupt their payment information as it travels over the Internet.
  • Since the data sent is secure, SSL is now considered more than enough security for consumers to do business with merchants that they know and trust.
  • To find out if a transaction is guarded by SSL, look for the picture of the unbroken key or closed lock in your browser window (Netscape, Safari, Mozilla Firefox, and Microsoft Internet Explorer browsers all use SSL). This indicator means SSL is hard at work. (If you don't see either one, or if you see a broken key or an open lock, that means SSL is not protecting your transaction.)
  • Another easy way you can tell if SSL is guarding your transaction is to check the URL of the site you are visiting. It should change from "http://" to "https://" when processing secure transactions.
  • Don't send or accept payment info via E-mail: E-mail works independently of any security software, such as SSL or SET, and is not protected by them. E-mail is vulnerable and should probably never be used to send or receive sensitive personal information. When accepting payment information from a customer, always make sure to use a secure and recently-released browser, such as Netscape, Firefox, Microsoft Internet Explorer, or AOL. Also make sure the that your site uses a secure Internet technology such as SSL or SET to protect transactions.