Point of sale fraud: Common types, POS scams and how to prevent them
Learn how to reduce fraudulent chargebacks and protect your business from point-of-sale (POS) fraud.
If you’re dealing with machine POS fraud or worried about fake POS transactions, you’re not alone. According to LexisNexis’ True Costs of Fraud™ study, fraud continues to increase across transaction channels. In fact, every $1 of fraud now costs retailers and e-commerce merchants $5.75 due to loss of goods or services, shipping fees and chargeback fees.
According to LexisNexis, online and mobile transactions are targeted the most—particularly purchase transactions because of high transaction volumes and payment vulnerabilities. Identity-related fraud accounts for 45% of cases in U.S. e-commerce, with 29% of identity-related POS fraud during account creation.
Common types of point-of-sale fraud
Similar to fraud targeting consumers, scams targeting businesses are varied and constantly evolving. However, at a high level, there are six types of point-of-sale scams that retailers and service providers should be aware of: true fraud, chargeback fraud, card testing fraud, employee theft and discount abuse, skimming and malware and force-posted transactions.
True fraud
One of the most well-known types of POS fraud is what’s commonly referred to as true fraud. In these cases, a criminal may use a stolen credit card to make a purchase in-person or online. Thanks to the uptick in cybercrime, true fraud has increasingly taken the form of criminals opening up new credit cards using stolen cardholder information acquired through data breaches or identity theft.
Chargeback fraud
Chargeback fraud is another type of fraud occurring at point-of-sale. This type of fraud is sometimes known as friendly fraud or first-party fraud due to the customer’s involvement. With this method, a customer (or a friend or family member) will use their credit card to make a legitimate payment for a good or service but will later contact their bank to deny having made the payment.
Unfortunately, if the retailer or service provider is unable to furnish proof of a legitimate card payment, they may have to cover the chargeback amount and a chargeback fee. According to Fraud.net, friendly fraud is much more common than true fraud and can reduce legitimate sales by 1%.
A CNBC report estimates U.S. businesses lose $100 billion from friendly fraud each year.
Card testing fraud
In addition to true fraud and chargeback fraud, retailers and service providers who accept payments online may also be vulnerable to card testing fraud. Card testing occurs when criminals make numerous online payments or small purchases in order to verify whether a stolen credit card number is valid. In many cases, cybercriminals will use bots to test numerous credit card numbers at once.
Because the amount of each individual purchase authorized is typically quite small, card testing fraud can often go undetected until it’s too late. Not only can the total sum of these fraudulent purchases and authorization fees be quite steep, but once a card number is validated, the criminals may then make larger fraudulent purchases from your business.
In each of these cases, businesses can end up losing both money and merchandise. That’s why it’s so important to take measures to prevent fraud at point-of-sale before it happens.
Employee theft and discount abuse fraud
Employees may commit POS frauds like manipulating voids, false refunds, or sweetheart deals such as giving discounts to friends. In 2024, FinancesOnline estimated over 56% of U.S. retailers used POS analytics to combat this fraud type.
Skimming and malware fraud
In this form of POS fraud, fraudsters install skimmers on POS machines or malware to steal data. The FBI notes this as a common method and one behind several 2024 schemes and POS vulnerabilities highlighted by Visa.
Force-posted transactions fraud
Criminals use the ability of many Point of Sale (POS) devices and payment gateways to support “Force Sale” offline or force-capture transactions bypassing the authorization process by manually entering a previously obtained authorization code. The rise in Visa® alerts is one sign of this activity as more force-posted transactions are made.
How to prevent point-of-sale fraud and reduce chargebacks
For today’s e-commerce and brick-and-mortar businesses, there are a few key ways to help minimize the risk of point-of-sale fraud and reduce chargebacks.
Request validation
To prevent fraud, businesses can request customer authentication. For in-store debit card purchases, this could involve asking customers to use their PIN, and, for purchases made online or by telephone, the use of their CVV code — the three- or four-digit code located on their payment card. Asking the customer to provide their PIN or CVV code can help verify that the customer is in possession of their payment card, which may help deter criminals.
Merchants can also review the signature on the card and may refuse to accept a card that is unsigned or if the signature doesn’t match.
Upgrade point-of-sale technology
For brick-and-mortar businesses, EMV chip and NFC technologies are an added step to help prevent fraudulent transactions. Because EMV chip terminals can read the encrypted data stored on the microchip embedded in the card, they are able to detect and decline counterfeit cards. Likewise, NFC terminals can wirelessly accept and authorize payment from a contactless card or from tokenized payment data stored on a smartphone.
With this tokenization technology, actual card data isn’t stored in the merchant’s system, just the randomly generated token values — a measure which may ultimately help reduce liability and expedite PCI DSS compliance validation.
To learn more about help with securing your payment transactions, boosting your cybersecurity, and protecting your business against fraud, visit regions.com/fraudprevention.
