Fraud Prevention

Tips to prevent fraud


Every business needs to be aware of and prepared for fraud. From chargebacks to Funds Transfer Fraud, it’s important to refresh your knowledge. Here are eight ways to stay on the front foot.

Look out for the summer holiday period FRAUD TREND ALERTS


1. Understand “Chargebacks”

The chargeback framework provides a process for cardholders to dispute transactions processed by merchants, most commonly because their card was used without their consent or the merchant didn’t provide the goods and services the cardholder expected.

There are two types of chargebacks – fraud chargebacks and non-fraud chargebacks.

Fraud chargebacks occur where the cardholder claims that their card was used without their consent. The merchant must then prove the cardholder, and not another person in possession of the card or card details, initiated and completed the transaction.

Non-fraud chargebacks happen where the cardholder claims that the merchant did not provide goods and services as described. The merchant must prove the goods and services were provided in accordance with the agreement between the two parties.

Chargebacks are managed in accordance with the regulations set by each card scheme, for example MasterCard and Visa, and they make the ultimate determination of financial liability. Where the regulations permit, Tyro will take steps to defend chargebacks and shift liability from our merchant to the cardholder.


2. Know the meaning of “Authorisation”

The authorisation process undertaken by your payment terminal confirms that the card used in the payment transaction has not been blocked by the card issuer and has sufficient funds to cover the transaction value.

Authorisation may return an “approval”, however this does not mean that the card is being used by the genuine cardholder. It is important to consider this when processing Mail Order/Telephone Order (MOTO) transactions as you can’t see the person holding the card. So remember, chargebacks may still be received even when authorisation/approval is provided.


3. Know the risks of Mail Order/Telephone Order (MOTO) hand-keyed transactions

MOTO transactions are riskier than other transactions and are more likely to result in a chargeback because the cardholder is not present when the transaction occurs. In the event of a chargeback, it is your responsibility to prove the actual cardholder (and not a fraudster in possession of the card details) initiated and completed the transaction, meaning that the risk of MOTO transactions resides with you, not Tyro or the cardholder.

MOTO transactions should only be processed when you are prepared to cover the cost of the transaction and should never be processed when the cardholder is present.

If you have MOTO enabled on your merchant facility and would like to have this functionality removed, please contact Tyro Customer Support on 1300 966 639.


4. Never refund to an alternative card or by another payment method

FRAUD TREND ALERT There has been an increase in fraudsters pressuring merchants for cash refunds, as well as refunds onto a different card than the one used to make the corresponding payment. It’s important to be vigilant and we encourage you to insist on refunding to the card from which the corresponding payment was made.

When providing refunds, only refund to the card used in the corresponding payment transaction and never provide a refund for more than the value of the corresponding sale.

If you process a payment on a card and then refund to a different card or by another payment method such as a bank transfer, the different card or other payment destination has immediate access to the funds and a chargeback may be received against the card used in the corresponding payment transaction, leaving you out-of-pocket.


5. Avoid authentication by-pass techniques

Your merchant terminal has security features to protect you from fraud. To benefit from these security features, always tap or dip the card and refrain from using MOTO functionality when the cardholder is present.

If a card fails to be read by the terminal when tapped or dipped, you should request a different card from the cardholder.

A magnetic stripe transaction should only be processed when directed by the merchant terminal. You should check the card looks genuine and is being correctly tapped or dipped into the merchant terminal before allowing use of the magnetic stripe, as the cardholder may be seeking to by-pass authentication provided by contactless and dipped transactions.

It’s not wise to split transactions into smaller amounts, especially when this is requested by the cardholder, as this may result in chargebacks.


6. Safeguard your terminal

FRAUD TREND ALERT There is evidence of fraudsters pretending to tap their Smartphone on the terminal to give the impression that they are performing a contactless transaction, whilst pressing buttons on the terminal to activate MOTO and hand-key the transaction. It’s important to maintain control of the terminal at all times and avoid being distracted when cardholders are asked to key their PIN. If you have Mail Order Telephone Order (MOTO) enabled on your merchant facility and would like to have this functionality removed, please contact Tyro Customer Support on 1300 966 639.

When you dip the card and ask the cardholder to key their PIN, keep focus on your merchant terminal at all times and never allow the cardholder to operate the terminal unattended. This will prevent the cardholder from cancelling the authenticated chip transaction, engaging the MOTO functionality on the terminal, and processing a card not present transaction that leaves you vulnerable to fraud chargebacks.

When unattended, specifically out of business hours, ensure your merchant terminal is stored safely to avoid theft and manipulation. You should check the terminal daily for any signs of tampering.


7. Never process payments for others

If you process payments on behalf of a third party, you wear the liability for those transactions. This might include chargebacks and financial penalties that result from fraud, non-delivery of goods/services, or compliance breaches relating to the sale of illegal goods or engagement in financial crimes.


8. Avoid Funds Transfer Fraud

FRAUD TREND ALERT There has been a notable increase in fraudsters targeting restaurants, cafes, and event managers with this fraud method. If you’re asked to inflate the value of a transaction to cover a third-party payment for a courier, florist, caterer, wedding planner, musician, celebrant, etc. and if this is an add-on cost to a higher value Mail Order Telephone Order (MOTO) transaction, then please be aware that this may be a scam.

If you suspect this, please report it to us via 1300 966 639.

Never increase the value of a payment transaction to cover monies owed by a cardholder to an unknown third party, such as a courier service, and never make payments to these third parties via money or bank transfers.

Fraudsters use Funds Transfer Fraud as a way to extract cash from merchants, generally by placing larger value orders over the phone. This often results in monies being transferred to (say) a courier engaged in the fraudulent activity and a fraud chargeback being received because the card used in the payment transaction was stolen.

Suspect a transaction is fraudulent?

Call Tyro’s Customer Support Team immediately on 1300 966 639

Call now

Types of fraud

The most common type of card fraud is when someone places an order over the phone or via email using one or more stolen card numbers. The actual cardholder is unaware their card details have been compromised until charges from your business appear on their statement.

If suspicious, call Tyro’s Fraud Analysis Team on (02) 8907 1610 before processing the payment. They will ask you a series of questions to help you make an informed decision about the transaction. Note: The risk of all card not present transactions resides with the merchant, not the bank or the cardholder.

This is when someone places an order, then cancels it and asks to be refunded to a different card, via bank transfer or in cash. They aren’t interested in buying your goods, but trying to get you to transfer money to them.

Eg: A customer makes a booking at your hotel. They call a few days later to cancel and request for the refund to be credited to a different card number or to a bank account because they have allegedly lost their card. Later you receive a chargeback for the original transaction.

What to do: Always refund to the card number that the transaction was made on. If the customer states they lost their card, advise them to contact their bank and raise a chargeback.

This is when a customer asks you to debit their card and transfer the funds to a third party. They aren’t interested in buying your goods, but trying to get you to transfer money to them.

Eg: An overseas customer places a large order of heavy items to be shipped overseas and requests shipment be made through their preferred shipping agent. They request you to debit their credit card for the cost of the shipping and transfer the funds to the shipping company via wire or bank transfer. The shipping container doesn’t arrive and you receive chargebacks for all transactions processed to the customer’s card.

What to do: Never process a transaction to pay for external third-party costs (costs not related to your business).

This is when a person tries to use a counterfeit card in store that will not tap or swipe because the information on the card is incomplete.

Eg: A customer is in store and trying to pay for a high-value item. The card they have presented you with isn’t working. The customer tells you this happens all the time and you should manually enter the card number. Later you receive a chargeback for the transaction.

What to do: Always dip, tap or swipe the card for card present transactions. If the card presented does not work, ask the customer for a different card. Never enter the card number manually.

Disclaimer: Tyro makes no representations and gives no assurances whatsoever in relation to the credit worthiness of any person presenting a charge card or the performance of any agreement or arrangement between the merchant and any person, body corporate or association conducting a charge card scheme.