Banks and other card issuers send out nearly 30,000 new debit cards every day in the United States alone — that’s an average of one every five seconds.
According to a study reported by Nasdaq, the average consumer used his or her debit card 21 times each month in 2014, up from 16 times per month in 2005. The same survey found that nearly 18 percent of Americans had had a fraudulent charge on their debit card within the previous five years, but that hasn’t put a damper on usage.
Customers like the convenience and low cost of debit cards, but each swipe give criminal hackers one more chance to steal their information. Data breaches and other types of fraud are on the rise, making security a primary concern for both consumers and business owners.
Something as simple as knowing whether it’s safer for your customers to enter their PIN or sign their name when paying by debit card could protect them — and you — from fraud. Here’s what you need to know about each option.
Image via Flickr by USDAgov
Immediate or Online Processing: If your customer chooses the debit option when paying, the terminal will prompt him or her for a PIN. The payment then goes through an electronic funds transfer (EFT) network, and the amount of the transaction is immediately deducted from the customer’s bank account. It will take a few days for the payment to reach your business account.
PIN Security: PIN-based transactions are more secure than signature-based transactions because the payment won’t complete without both the information from the magnetic strip or chip on the physical card and the PIN that the customer must enter. This is called two-factor authentication. If someone steals the physical debit card, he or she must also steal the PIN. That rarely happens unless the card owner writes the PIN down and keeps it with the card.
Based on statistics gathered for 2010 charges, fraud for PIN-based debit charges averaged out to less than half a penny per transaction, a mere 12 percent of signature-based losses.
Image via Flickr by hrp_images
Delayed or Offline Processing: If your customer chooses the credit option when paying, the Visa or MasterCard network will authorize the charge as a first step in the process. If the client has enough money in his or her account to cover the charge, a temporary hold will be placed on the account, and he or she will be prompted to sign either a paper or a digital sales slip.
The charge will be submitted with the merchant’s credit card transactions at the end of the business day, and the merchant will receive the funds in a few days after the settlement process completes. A high-risk merchant account might take slightly longer if a rolling reserve is required.
Signature Security: A signature doesn’t do much, if anything, to make sure the transaction is valid. Because the card-processing network can’t authenticate a signature, it will accept anything from a legitimate signature to a doodle done by your dog. To muddy the waters, most merchants waive the signature requirement for small amounts, usually under $25. The signature-based system is also used to process any payment when the card isn’t physically present, like online and phone purchases.
Compared to PIN-based payments, signature transactions have a higher rate of fraud. For 2010, the losses averaged $0.031 per payment, nearly 800 percent of PIN-based losses.
In general, if you require the physical card to be present at the point of sale, your business is shielded from fraud, especially if the customer must also enter his or her PIN. As a bonus, it’s also cheaper for merchants to process PIN-based transactions because the lower rate of fraud translates into lower processing rates.
On the other hand, any fraudulent charge that was signed for or was accepted online or over the phone could result in the loss of the entire amount of the sale. On average, debit card companies absorb about 60 percent of total fraudulent charges, while merchants take the hit for the remaining 40 percent.
It’s nearly impossible to run a business in today’s world without accepting credit and debit card payments, but you can take measures to improve security and minimize fraudulent charges. Certain merchants must obtain a high-risk merchant account, which uses heightened security measures and other requirements to decrease fraud. These procedures, whether they are your own or your account processor’s, will protect not only your customers but also your bottom line. See also: List of high risk merchant accounts