Address Verification System (AVS): Fraud Prevention

Combat fraudulent orders with address verification tools

As a business, the customer experience is always the number one priority. For customers who order ahead, that experience begins at your website, ordering site or mobile ordering app. In situations where the customer is ordering remotely (not presenting their card in-person), you may run into the risk of fraud. It’s simply unavoidable. However, there are a few things you can do to reduce your risk as consumer, and also as a business.

Image sourced from the Consumer Sentinel Network data book published by the FTC in 2020

As a consumer

The FTC published their 2020 findings for the Consumer Sentinel Network data book which found more than 2 million fraud reports were filed. Between January – September of 2021, it is estimated that more than 2 million Americans fell victim to card fraud, with a total loss calculated at $3.3 Billion. Thieves can gain access a few different ways, including:

Physical theft: This one is a no-brainer. Theft has existed since the creation of the Mesopotamian shekel, and perhaps even since Otis the Iceman. Keep your wallets and purses close to you at all times, and only hand over your card to a trustworthy person/vendor or if you feel your life is in danger. 

Requested: Suspicious phone calls, mailed invoices and phishing emails are relatively familiar methods to most people living in the 21st century. More recently, similar requests can be sent via text message, social media, and QR code scanning. Before providing personal information to anybody, make sure it is a bill you were expecting to pay or it is being sent from a trustworthy sender. 

Skimming: Magnetic strips offer little-to-no security; inserting the chip for payment is more secure. However, if a merchant only accepts swipe technology, there’s not much the buyer can do. The malware can be installed physically, but most recently it has been accessed through the network. This malware would impact the merchants’ entire point-of-sale ecosystem. Obviously, not all swipe technologies are monitored by hackers who can remotely steal card information, but as a buyer you should be aware of this risk.

Malware: Phishing emails are relatively familiar methods to most people living in the 21st century. More recently, untrustworthy links can be sent via text message, social media, and QR code scanning. Before clicking on any links, make sure it is a message you were expecting to receive or it is being sent from a trustworthy sender. 

Image sourced from the Consumer Sentinel Network data book published by the FTC in 2020

As a business

If a customer’s card is stolen or they were the victim of a card reader scam, someone who isn’t the card owner may be able to use that card information to make fraudulent purchases. As a restaurant owner, you can take extra steps to guarantee their card cannot be used on your web or app ordering by anyone other than the authorized card user.

When adding their payment, customers will be prompted to enter more than just a CVV

AVS Security

Hazlnut has a great tool to protect not only your customers, but also your business from fraudulent activity. By requiring a postal code or billing address, the person entering the card information to pay online will need to know more than what can be found on the physical card. As a business, it will reduce the amount of chargebacks received since you are taking those extra steps to block fraudulent charges at your business. 

Clover has an account setting dedicated to fraud prevention tools that allow you to automatically void suspicious payments taken from Virtual Terminal and the eCommerce API. They don’t block payments taken from your point of sale device, but it will validate additional information. By default, all Hazlnut orders require the Card Verification Value (CVV) and a matching/valid expiration date. If you would like to use the Clover Address Verification System (AVS) tools, Hazlnut can require additional fields including postal code and street address. The Clover payment system will validate this information and accept or decline the payment.

How to turn on Address Verification (Clover):

You can enable it by going to your Clover dashboard (please do this from a web browser)

1. Click on Account & Setup on the bottom left
2. Under the ‘Transactions’ group, click on Fraud Tools
3. Click to ‘Show Rules’ for the Address Verification System (AVS) group
4. Here, there are 6 options that perform different functions. 
5. Make your selection, and click ‘Save’. 

You can also visit the Clover Help Center for more information (Scroll down to “Set up fraud prevention tools”): https://www.clover.com/en-US/help/set-options-for-using-virtual-terminal 

Please let us know if you would like to prevent fraudulent transactions through Hazlnut with the Clover Address Verification System (AVS) by contacting us today.

Physical Deterrents

Also, keep in mind… Your staff are always the first line of defense. If you’re faced with an increased number of disputes and looking for options to avoid these chargebacks, you can have the staff require identification or have the customer present the credit card used at pickup. This simple, old fashioned approach can help deter future instances of credit card fraud as would be bad actors will know this is your policy and look for easier prey. At Hazlnut, you can even add this as an urgent message or a pop-up to let customers know they’ll need to bring ID and the name on the ID needs to match the name on the card at pickup.

Of course, as we mentioned in the beginning, all steps taken should consider the overall impact to the customer experience. It’s give and take. You want to add more protections to help your store avoid chargebacks while not impeding the overall customer experience.