All card schemes are now on board with the new deadline for the U.S. EMV liability shift in April 2021. So, the time to upgrade—if you haven’t—is now.
Adding EMV chip readers both inside a store and at automated fuel dispensers (AFDs) isn’t intended to be a hardship for gas and convenience retailers. Rather, because EMV is inherently more secure, it will actually help retailers by protecting them from fraudulent transactions.
But upgrading a retail environment to EMV isn’t the only way to protect a gas and convenience business—and customers’ payment cards and data—from falling victim to fraud. Here are nine other tactics and tools:
Point-to-point encryption (P2PE). P2PE secures the payment form factor (e.g., POS readers at the pump and in a store) and ensures a transaction is encrypted from the moment the payment card engages with the card reader.
Tokenization. This security protocol reduces Payment Card Industry data-security standard (PCI DSS) scope and the risk to a merchant that processes, stores, or transmits cardholder data. It also provides the means to perform repeat transactions in alias forms. A customer’s card can be tokenized during the first transaction with a retailer, and the same token can then be used for subsequent secure transactions.
Rewards programs. This is a way to bring customers back, but it also can ensure convenience, speed, and security. Retailers can bond a customer’s payment card with their loyalty profile to create an understanding of purchase behaviors, using available fraud-prevention programs designed to mitigate risks.
These programs help avoid unauthorized charges because retailers gain a detailed record of approximately how much fuel a customer buys, how frequently they buy it, and where they are located geographically. If a purchase does not align with known parameters, retailers can ask a customer to come into a store to verify their identity. Or they can reduce the pre-authorized dollar amount of fuel the payment card can purchase at that time.
Housekeeping. Practicing good environmental hygiene not only helps a retailer comply with PCI DSS rules, but it also reduces the risk of fraud. A good best practice is to physically inspect the pumps once a day to ensure they have not been tampered with.
Disallowing fallback. Under current rules, fallback transactions—where a chip card is swiped instead of inserted—are allowed, but merchants can avoid the inherent fraud risk by disallowing fallbacks at the pump and prompting the customer to come into the store to verify identity or present another form of payment.
Data insights. Analyzing the performance of each pump is useful not just for general business knowledge, but also to detect what parts of the forecourt are most likely to experience fraud. For example, a pump in an outside lane, further from visible cameras, will be more attractive to a fraudster, who can try several cards before finding one that works, without drawing suspicion.
Planograms. Understanding the flow of traffic can also help reveal what areas of a site are prone to fraud. Just as burglars case a bank before a robbery, fraudsters may try to create an authentic transaction by using a counterfeit card in the store or make other attempts to show they are customers.
By understanding behavioral patterns through data interpretation and analytics, retailers can identify risky behavior while optimizing sales.
Network connectivity infrastructure. The right network solution can ensure transactions — both at the pumps and at indoor point-of-sale solutions—are secure and protected against fraud. Look for a certified Managed Network Service Provider (MNSP) network solution that can support the hardware being installed at the pump while providing the highest levels of payment security, always-on connectivity, and 24/7/365 monitoring for not only the hardware, but also the network connection.
CCTV and other surveillance technologies. While CCTV has historically been used for recording after the fact, newer surveillance technologies can find real-time payment or environmental threats and detect fraud as it is happening.
Fraudsters will never stop trying new ways to scam a retailer. But retailers have a wide variety of innovative technologies and tactics at their disposal that can help stop bad actors in their tracks.
—Brian DuCharme is vice president of product management for the fintech payments business at Transaction Network Services Inc. (TNS).