Receiving card payments
Tips to keep your business and customers safe
- Criminals use stolen cards and card details or stolen personal information to attempt fraudulent card transactions.
- Card information can be captured from company data breaches, compromised cash machines, compromised webpages, and bogus texts and emails.
- Another common ploy is fraudulent competitions and the ‘sale’ of discounted goods to entice people into sharing their card details for non-existent products which never materialise.
- Always shield your PIN in shops and at cash machines.
- Don’t tell anyone what your PIN is, and don’t write it down.
- If you notice anything unusual or suspicious about a cash machine, don’t use it. Report it to the bank or cash machine operator.
- Pay with your debit or credit card. If a seller tells you they can’t accept a card payment and asks you to send them money directly, don’t do it, it could be a scam.
- When using your card online, ensure that the website is secure. The web address should begin with 'https://'. The 's' stands for 'secure'; this only indicates that the link between you and the website owner is secure, and not that the site or company itself is authentic.
- Be wary of using public Wi-Fi and be aware of the risks of unknown hotspots.
- Contactless cards are embedded with multiple layers of security and transactions have the same protection as chip and PIN, making them safer than cash. For added protection you’ll also be asked to enter your PIN to verify your identity from time to time.
- Ensure your bank has your up-to-date contact details.
- Check your statements regularly. If you spot anything suspicious, report it to us straight away.
- Fraudsters often use lost or stolen cards to make a purchase or withdraw money. Store the 24-hour emergency contact number for all your cards in your mobile phone or anywhere that’s easy to access.
- If your address changes you should tell your bank or card issuer immediately and ask Royal Mail to redirect your business post.
- Share this page with employees and colleagues, so they know what to look out for. Put training in place, so people in your business know how to spot and handle common threats. You can use our webinars and resources to help.
Icon expand Why have I received a replacement debit card that I haven’t requested and before my existing card has expired?
We proactively issue replacement cards when there is a risk that the details of your existing card have been compromised.
We act quickly to get a new card delivered whilst your existing card remains active with the aim of protecting your account whilst minimising inconvenience to you.
Icon expand What should I do next?
- Start using the new card straight away, with your existing PIN. We’ll cancel your old debit card shortly.
- Check your transactions on the Mobile or Bankline app, Online banking or your regular statements.
- If you see a transaction you don’t recognise, you can find more information about the retailer and how to report fraud here.
Icon expand How do you know my debit card details are at risk of being compromised? Can you tell me how it happened?
Our fraud systems are constantly looking for indications that card details have been compromised. Once detected we do everything necessary to protect your account and one of the steps is to replace your card.
There are several ways your card details could have become compromised or known to another person. A shop you have used online may have lost some of their customer details; another individual may have simply copied your details; or you may have used your card in a shop or at an ATM that had a card skimming device attached to it. These are just a few examples.
Although we can’t tell you exactly how or when your card details might have been compromised, rest assured we are committed to protecting your account from fraud.
This section explains about how to take card payments securely, what to look out for and some guidance on card security in general.
Icon expand Chip and PIN Cards
Entering the PIN – always ask the cardholder to enter their PIN. Nobody else should do this on behalf of the customer.
Locked cards – when a customer enters an incorrect PIN three times in a row, the card is locked. Tell the customer to contact their card issuer. It’s vital you don’t swipe the transaction instead.
Icon expand Cards without Chip and PIN
Not every card has Chip and PIN. When you’re presented with one of these cards, make sure you check all visual security.
- Check the card to ensure it looks genuine by following the steps on the Card Watch website.
- Use an ultraviolet lamp to spot the security mark on most cards. Some Visa Electron cards don’t have a security mark.
- Name and gender – check the title on the card with the gender of the person using it.
- Signature – check the spelling of the name on the signature strip against the spelling on the front of the card.
- Check the long number – make sure the number on the front of the card matches the card number you’ll see on the till receipt. Sometimes, when fraudsters ‘clone’ a card, the number held in the magnetic strip doesn’t match the one printed on the card.
Icon expand Your responsibility
Incorrect procedure – if a Chip and PIN card is not processed correctly, you could be liable for the transaction if it’s confirmed to be fraudulent.
Even if a card is authorised – if you've not carried out all the correct checks, there's a chance you may not receive the payment.
Remember, authorisation is only designed to show two things: that enough funds are available to cover the payment and that the card has not been reported lost, stolen or compromised in any other way.
For more information on preventing card fraud, visit the Worldpay website.
Icon expand Customers who use two cards for one purchase.
Card scheme rules don’t allow the use of different cards for one purchase.
Icon expand Is the customer purchase behaviour causing suspicion?
Be particularly wary of the following signs. If something seems suspicious, always make a ‘Code 10’ authorisation call.
- Indiscriminate purchases – does it almost look as if the customer doesn’t really care what they buy? If the goods could easily be sold on, you should be suspicious.
- Easy sales – is the customer too good to be true? For example, they are not even interested in the price or details about the goods.
- Large sales – ask yourself if the sale is much higher than your usual sales. Is the customer buying lots of different items at random?
Icon expand Does the signature show sign of tampering?
Felt pen signature – if you notice a felt pen signature on a card, it could be a sign that fraudsters are trying to hide the real signature. The card signature should always be in ballpoint pen.
Take Five is a national campaign that offers straight-forward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.