By Allen Kopelman
Nationwide Payment Systems Inc.
What types of fraudulent merchant applications have crossed your desk recently, and how did you figure out that they were fraudulent? As merchant level salespeople (MLSs), we need to fully vet prospective merchants and avoid contributing to a growing number of fraudulent applications submitted every day to ISOs, processors and technology service providers.
Unlike the old days, when MLSs mailed or overnighted paper applications with Polaroid site photos to processors, today's merchant applications are mostly processed online. It's also easier to establish a home-based ecommerce, SaaS or drop-shipping business these days.
In this new digital frontier, we must stop fraud by authenticating applicants who apply for services on our websites, and vet their identities, business locations, documents and financial accounts.
What is causing the spike in fraudulent merchant applications? To begin with, most of our information has already been compromised by any number of high-profile data breaches in recent years. Criminals on the Dark Web are selling our data to fraudsters for pennies on the dollar to fund attacks that threaten payment processing integrity.
Scammers are piecing together bits of data, using off-the-shelf software, to create fake IDs, Social Security numbers, checks, bank statements and merchant account statements. Many of these assets look convincingly real.
Fraudsters are launching sophisticated attacks, including bust-out attacks, which occur when fraudsters key-enter stolen card data from the Dark Web to create fraudulent transactions. Unless stopped by a bank or ISO, funds land in a bank account and are quickly swept by fraudsters who leave a trail of chargebacks and frustrated merchants and customers in their wake.
Sometimes a business owner, caught in the middle of a bust-out attack, ends up on the MATCH list. Other times, an unsuspecting person who does not even own a business suddenly has $50,000 in chargebacks from signed leases and ruined credit.
This is why security analysts recommend freezing accounts with all three credit reporting bureaus: Equifax, Experian and TransUnion. When we spot a fake identity, the first thing we need to do is find the real person and make them aware of what's going on so that they can take appropriate steps and freeze their credit.
Fast-moving processors tend to approve deals quickly, heightening risk of bust-out attacks. Bust-outs happen when scammers use stolen identities to get merchant accounts, ruining victims' credit and causing permanent damage to ISOs, processors, merchants and customers.
We must get ahead of this trend by reviewing all applications before we submit them. It's also a good idea to change our systems to prevent auto-submissions. We did this and no longer allow any apps to go to underwriting until we totally vet them, because eight out of 10 are usually fake!
How well do we know our merchants? Fraudsters are forcing us to create our own step-up challenges by second-guessing every merchant application. We educate merchants all the time about KYC but in the current threat environment, MLSs must practice our own KYC.
Technology can help these efforts, but the best approach is combining artificial intelligence, biometrics and advanced authentication methods with human oversight. Here are some recommended ways to tell the good guys from the bad guys.
Remember, risk managers and underwriters have access to tools and advanced technologies, but do them a favor by vetting your applications. Don't risk your reputation and credibility by sending in trash. If you become known as someone who passes bad paper, these analysts will put every one of your deals under a microscope, and your overall approval ratings will plummet.It's also not a bad idea to tell them when you get an application from the web and are not sure if it is legitimate. They will appreciate your honesty and transparency and not hold it against you.
Another way to stay in the good graces of the people who approve or decline your applications is to collect all necessary documents upfront before submitting paperwork. They may occasionally ask for additional documentation, but you need to cover all the bases to avoid having your application land in pended status.
Fraud is running rampant in our society. No one reacts anymore to news of the latest security breach or when a legitimate-looking deal is exposed as a fraud. We've seen it all before and know that our personal data, along with millions of other records, has been compromised.
In the current threat environment, experts have noted that advanced forms of authentication can significantly reduce fraud without inconveniencing customers. After so many years of helping merchants harden security without causing customer friction, it's time for MLSs to take a page from our own playbook. Let's look for ways to weed out bad guys without disturbing all the great new merchants who are signing up for our services.
While advanced technologies can help detect deep fakes, there is no substitute for rolling up our sleeves and performing good old-fashioned due diligence. Take the time to scrutinize each application that crosses your desk and stay alert to red flags. These simple actions will help us keep fraudsters at bay and our companies and partners in the black.
Want to know more? Keep reading The Green Sheet and consider following me on LinkedIn, where we can share ideas and support each other, at www.linkedin.com/in/allenkopelman/.
Allen Kopelman, a serial entrepreneur, is co-founder and CEO of Nationwide Payment Systems Inc. and host of B2B Vault: The Payment Technology podcast. Email him atallen@npsbank.com and connect on LinkedIn https://www.linkedin.com/in/allenkopelman/ and Twitter @AllenKopelman.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.
Prev Next