The Inside Connection

2 Steps for More Secure CNP Transactions

This season, card-not-present transactions may be one of your most vulnerable spots. Online purchase volume is likely to be high, so it’s important to increase your vigilance and ensure you’re fully compliant with the requirements of the Payment Card Industry Data Security Standard (PCI DSS).

Together, these complementary levels of security will help you protect both your customers and your reputation.

10 security red flags for CNP

Here are 10 transaction red flags to look for. Transactions like these might be legitimate, but they always deserve a second look:

  1. A new customer, especially from out of the area.
  2. Multiple card entries for high-dollar orders.
  3. Billing and shipping information don’t match.
  4. Multiple purchases of the same item.
  5. Multiple transactions from a single IP address.
  6. Sequences of similar account numbers.
  7. One card used for sending shipments to multiple addresses.
  8. Several cards used for shipping to a single address.
  9. International shipping.
  10. Orders from Internet addresses that use free email services, which may not verify the user’s identity.

Minimize the risk of these fraud incidents by imposing company-wide procedures that include online mapping of shipping addresses, business name searches, card validation without exception, and verbal authorization from issuing banks for any suspicious transactions.

It’s also important to set a transaction threshold, above which management-level signoff is required. For more details about keeping CNP transactions secure, refer to this guide from Visa.
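The red flags that depend on comparing orders with one another (items 3, 5, 7, 8 and 9) and the signoff threshold can be checked automatically before an order ships. The sketch below is an added example, not code from Veracity or Visa; the field names, the sample orders and the three limits are assumptions chosen for illustration.

```python
from collections import defaultdict

HOME_COUNTRY = "US"        # assumption: merchant ships domestically by default
IP_LIMIT = 3               # assumption: orders per IP before review
SIGNOFF_THRESHOLD = 500.0  # assumption: amount requiring management signoff

FIELDS = ("id", "card", "ip", "bill", "ship", "country", "amount")
# Constructed sample orders; "card" is an opaque token, never a card number.
ORDERS = [dict(zip(FIELDS, row)) for row in [
    ("A1", "tok_1", "198.51.100.7", "12 Oak St", "12 Oak St", "US", 40.0),
    ("B1", "tok_2", "203.0.113.9", "5 Elm Ave", "9 Pine Rd", "US", 120.0),
    ("B2", "tok_3", "203.0.113.9", "77 Lake Dr", "9 pine rd ", "US", 130.0),
    ("B3", "tok_4", "203.0.113.9", "3 Hill Ct", "9 Pine Rd", "US", 125.0),
    ("C1", "tok_5", "192.0.2.44", "8 Bay St", "8 Bay St", "US", 60.0),
    ("C2", "tok_5", "192.0.2.45", "8 Bay St", "21 Rue Exemple", "FR", 900.0),
]]

def norm(addr):
    """Normalise an address so trivial case/spacing changes still match."""
    return " ".join(addr.lower().split())

def review_queue(orders):
    """Return {order id: [reasons]} for orders that deserve a second look."""
    per_ip = defaultdict(int)
    card_addrs, addr_cards = defaultdict(set), defaultdict(set)
    for o in orders:  # first pass: build the cross-order indexes
        per_ip[o["ip"]] += 1
        card_addrs[o["card"]].add(norm(o["ship"]))
        addr_cards[norm(o["ship"])].add(o["card"])
    flagged = {}
    for o in orders:  # second pass: apply each rule to each order
        checks = [
            (norm(o["bill"]) != norm(o["ship"]), "billing/shipping mismatch"),
            (per_ip[o["ip"]] >= IP_LIMIT, "multiple transactions from one IP"),
            (len(card_addrs[o["card"]]) > 1, "one card, multiple shipping addresses"),
            (len(addr_cards[norm(o["ship"])]) > 1, "several cards, one shipping address"),
            (o["country"] != HOME_COUNTRY, "international shipping"),
            (o["amount"] > SIGNOFF_THRESHOLD, "above signoff threshold"),
        ]
        reasons = [label for hit, label in checks if hit]
        if reasons:
            flagged[o["id"]] = reasons
    return flagged

if __name__ == "__main__":
    for order_id, reasons in review_queue(ORDERS).items():
        print(order_id, "->", "; ".join(reasons))
```

A flagged order is queued for manual review, not declined, since transactions like these might be legitimate.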

Partner up to ensure continuous PCI DSS compliance

The PCI DSS is a great help to many merchants, creating defined best practices and specifying requirements for compliance. These security standards can help ensure more secure transactions, whether they are card-present or card-not-present.

Staying up to date with this critical security standard is essential for maintaining a secure network, protecting cardholder data, implementing a vulnerability management program, and ensuring strong system and data access control measures. However, the PCI DSS calls not only for compliance but also for regular monitoring and testing of networks, plus a host of other tasks that could easily be overlooked in the whirlwind of daily tasks a merchant undertakes.

That’s why you need a partner who knows what you’re up against.

Veracity’s PCI DSS Compliance Service is a complete web-based solution that provides merchants with multiple, integrated tools that save time and effort, while ensuring you maintain data security compliance with ease.

Its many features include a step-by-step guide through the entire compliance process, including a self-assessment questionnaire. It will provide network vulnerability scanning if needed and attestation to confirm your PCI DSS compliance. In your hectic work day, it’s a convenient way to stay on track throughout the year and make compliance certification renewals simpler.

They say that an ounce of prevention is worth a pound of cure. In the case of fraud prevention, it’s certainly less painful and costly. When you and your employees are vigilant, you protect your customers and your business’s reputation.

Contact Veracity now to discover how our PCI DSS Compliance Service can help you place — and keep — security in the “Done” column of your to-do list. Contact us at 866-944-0055 or by email.
