Card fraud is a rare kind of threat in that it doesn’t solely occur online but offline as well. Unfortunately, many small businesses are not sufficiently protected from the dire consequences of payment card fraud.
In 2018, losses due to payment card fraud reached $24.26 billion worldwide. Experts project that losses will balloon to $36.44 billion by 2022.
As much as small business owners would like to think their size does not make them a target for thieves, that simply isn’t the case. Small businesses reported losing an average of $37,258 to card fraud last year.
Whether you run an online business or a brick-and-mortar operation, there are certain types of card fraud you need to be aware of. In this article, I discuss the threats small business owners face and offer recommendations so you (and your customers) do not fall victim to card fraud.
Types of hardware-enabled payment card fraud
Obtaining payment card credentials requires physical access to the victim’s point-of-sale (POS) equipment – the terminals that store personnel use to read data off cards and process transactions. There are two possible scenarios where in-store payment card fraud occurs:
- Clerk skim: This tactic requires the help of a store clerk to run a payment card through a reader that copies the data stored on its magnetic strip to a storage device. This is usually done before the clerk runs the card through the store’s POS terminal.
- POS swap: In this scenario, a criminal poses as a POS technician and replaces a store’s existing terminals with clones that can be remotely accessed.
Regardless of the manner used, a consumer’s payment card data end up in criminals’ hands.
Types of malware-enabled payment card fraud
A particularly insidious type of fraud doesn’t involve physically altering a store’s POS system; instead, cyberthieves