The industry wide fraud mitigation framework
Card-Not-Present (CNP) fraud represents almost 85% of all card fraud in Australia. To help combat CNP fraud, the Australian payments industry body, AusPayNet, opens in new window, have implemented a new fraud mitigation framework, opens in new window. APN is a self-regulatory body set up by the payments industry to improve the safety, reliability, equity, convenience and efficiency of payment ecosystem in Australia. This framework is designed to collaboratively reduce eCommerce fraud across the Australian Payment Industry. It uses an industry-wide approach to reduce CNP payment fraud for:
- merchants (businesses)
- consumers (customers)
- issuers (banks)
- acquirers (card providers)
- card schemes (payment networks)
- payment gateways (online services that authorise payments)
- payment system providers and (services that accept electronic payments)
- regulators (like APRA or ASIC).
The success criteria of this framework will be a reduction in online fraud across the payment industry as we continue to build consumer trust and support the growth of eCommerce.
What you can do to prevent CNP fraud
As a NAB merchant, it’s important to remain compliant and minimise your risk of accepting fraudulent payments. To help, we recommend implementing a strong customer authentication (SCA). This will help protect your businesses from fraudulent behaviour, and also reduce the likelihood that you go over the merchant fraud rate threshold. Other things you can do are:
- ask for comprehensive customer details
- complete validity checks
- ask for identification for the delivery of goods and
- invest in a fraud management tool.
What is Strong Customer Authentication (SCA)?
Strong Customer Authentication (SCA) is also known as a two-factor (2FA) or multifactor authentication method. It’s used to authenticate and verify the cardholder’s identity during a transaction and helps to reduce the risk of fraud and account takeover. SCA uses three categories to check your identity:
- something you know – a password, passphrase, an answer to secret question or a pin
- something you have – a credit card, hardware token or smartphone
- something you are – biometrics scan (finger, facial, retinal, voice, iris).
The merchant rate fraud threshold
The merchant rate fraud threshold is an indicator for intervention. We calculate the merchant fraud rate basis points (bps), with the following formula:
Merchant fraud rate basis points (bps) = Value F / Value T x 10,000
- Value F = value of fraudulent settled, online CNP transactions per quarter
- Value T = value of all settled, online CNP transactions per quarter
Exceeding the merchant rate fraud threshold
You’ll go over the merchant fraud rate threshold if:
- your merchant fraud rate is greater than 20bps and
- you’ve experienced over $50,000 worth of fraud in a quarter.
Should this happen, we’ll get in touch to help you reduce the level of fraud your business is experiencing. Depending on the severity and frequency of the fraud, we’ll guide you through four stages of fraud prevention.
Cyber safety tips for your business
Apologies but the Important Information section you are trying to view is not displaying properly at the moment. Please refresh the page or try again later.