Whether you run an online business or have a brick-and-mortar location, you should prioritize your customers’ security. Start by focusing on data breach protection, which includes using tools to detect malware, using anti-virus software, and educating employees on the most common threats. Once you’ve done that, it’s time to think about the next step: velocity threats.
Velocity Attacks
A velocity attack is when someone tries to submit a debit or credit card to make unauthorized changes. These individuals usually obtain card numbers that were stolen from a POS terminal and keep submitting them until they’re verified.
The nature of a velocity attack depends on the software used to launch it. Oftentimes, the attack will generate random number sequences to create charges each time a sequence relates to a valid credit card number. As a result, the merchant has to deal with unauthorized charges. To make matters worse, this could go on until the card amount is maxed out.
The Impact of Velocity Attacks
Dealing with velocity attacks may require you to spend days — or even weeks — trying to find out which transactions were authorized and which ones weren’t. This means you’ll need to spend a lot of time on the phone with your bank, customers, and payment processor to straighten it out.
This will also lead to some of your customers losing confidence in your business, jumping ship, and going over to a competitor. Finally, reversing these charges means you’ll have to deal with chargebacks and revenue losses.
Avoiding Velocity Attacks
The best protection against velocity attacks is being proactive. Start by running a velocity check. This is software that can track repeated patterns and keep a lookout for the number of times specific data elements occur in a specific time frame. These data elements are:
-
IP address
-
Email address
-
Phone number
-
Device ID
-
Shipping address
-
Billing address
-
Credit card number
-
Browser cookies
A customer name isn’t an effective data element, since many people have the same names.
The Importance of Velocity Filters
If you’re really worried about velocity attacks, it’s a good idea to invest in a velocity filter. This tool can test multiple card numbers against your merchant account. Based on the parameters you set, the filter will be able to automatically reject suspicious transactions made within a one-hour window. Common parameters include:
-
The maximum dollar amount for all sales occurring within an hour
-
The amount limit for the number of credits processed by your system every hour
-
The number of transactions that your system processes every hour
-
The total sales amount per hour
-
Suspicious IP addresses
If you would like to learn more about how a velocity filter can help protect your merchant account against fraud, please get in touch with our office today!