Skip to main content
Home » Retail & Ecommerce » Top tips: how to stop fraudsters from targeting your eCommerce website
Sponsored

Brian Kinsella

Senior Regional Fraud Manager, Elavon

Many forms of fraud targeting eCommerce are emerging, and both small and large businesses can be affected. Luckily, there are ways you can stop eCommerce fraud.


Carding is the process where stolen or cloned card details are used to make a small online purchase, to test if a card is valid and active. Often, a piece of automated software will try to make potentially thousands of small transactions until one is successful. Those details can then be used for larger fraud elsewhere.  

Consequences of eCommerce fraud 

If it later turns out that the larger fraud was carried out because of carding on your site, you could find yourself exposed to reputation and legal implications. You could also face additional fees for excessive authorisations and declines from card brands. 

Brian Kinsella, Senior Regional Fraud Manager at Elavon, says: “We often see the types of businesses that fall victim to carding attacks are small companies that may not have invested heavily in website security. By taking a few simple, low-cost steps, you can prevent your business from falling foul of carding and any card fees for excessive declines.” 

We often see the types of businesses that fall victim to carding attacks are small companies that may not have invested heavily in website security.

Ways to protect your business from fraud 

There are many ways you can protect your business from fraudulent carding activity. 

  • Have a good ‘captcha’ test on your website to frustrate carding attempts. A ‘captcha’ is a way to tell the difference between a human and a robot. 
  • 3-D Secure is the umbrella name for Visa Secure and Mastercard SecureCode, which have been introduced to add extra security for online shopping. By adding 3-D Secure to your eCommerce, you can fully authenticate the cardholder. While 3-D Secure cannot and does not eliminate chargebacks entirely, it does vastly reduce the incidence of fraud. 
  • Remove the copy-and-paste function on your payments page to make it harder for an automated script to test transactions. 
  • Ask your payments gateway provider about other fraud-management products they have available, to identify and block attacks. 

As businesses continue to go digital and rely on websites, it is crucial to ensure that you have the necessary security precautions in place. With the right tools and measures, you can protect your business from fraud.  


Elavon Financial Services DAC. Registered in Ireland – Number 418442.  
Registered Office: Block F1, Cherrywood Business Park, Dublin 18, D18 W2X7, Ireland. 
Elavon Financial Services DAC, trading as Elavon Merchant Services, is regulated by the Central Bank of Ireland. 

Next article