75% of Canadians say they are more concerned about fraud today than they were five years ago. And it’s no wonder why, with a 78% increase in fraud losses in the seven years from 2008 to 2015. Protect yourself, and your merchant account, by learning more about this fraudulent tactic below.
What is Carding?
There are two types of Carding, front-end, and back-end.
- Front-End Carding happens at your checkout. The fraudster is trying to purchase something from your store, and running through a laundry list of credit cards until one works. Their personal information stays the same, the purchase amount doesn’t change, but the credit cards information changes.
- Back-End Carding happens on our server. Someone with a large number of stolen credit cards attempts to test their validity by running small transactions on a random merchant account. They do this by guessing your Merchant ID number, then sending a request to process transactions to your payment provider using your Merchant ID.
At Beanstream, once we detect carding we alert the merchant immediately. If any of the payments were approved, we run a batch refund.
Is the Merchant Account compromised?
If your Merchant Account has experienced back-end carding, the good news is the information is still safe and secure. The Merchant Account itself has not be breached.
How do you detect Carding?
With over 16 years of experience, we have become experts at identifying Carding attempts. There are multiple ways we can detect it, the biggest being the decline rate on micro-transactions. Remember with Back-End Carding, the fraudster is just trying to see if the credit card still works, to be able to use it in another purchase. They are sending a small amount to us to test, which we detect. There are countless other ways we can detect Carding, but rest assured we do.
What can be done to prevent future Carding?
When we flag that an account has shown Carding activity, we sometimes enable a security feature called Hash Validation to prevent any future attempts. There may be updates to the account depending on how payments are being processed, but we will be here to offer support.
Hash Validation is one of the many tools that we can help you protect against Carding. It isn’t always a fit with every business, so we will work with you to find the right protection for your business.
Processing payments online can expose you to a certain level of risk. Hopefully, you will never get the alert notifying you that we have detected Carding on your account, but if you do – don’t panic. Your information is safe, we will issue the batch refund, and we will work with you to prevent any future attempts.
We are your partner in payments, through the good and the bad.