Be On The Alert To Common Fraud & Scams

More than ever, it’s important to protect your business against scams and fraud. Criminals are looking for various ways to commit fraud or scam victims, so you need to be alert and take appropriate steps to protect your business.

We’re here to help you keep your business safe and secure. Learn what to look out for and help keep your business safe.

Protecting your HICAPS Terminal : Key tips to safeguard your business and customers

What is a terminal takeover?

A terminal takeover occurs when a scammer physically gain control of your HICAPS terminal, often by distracting your staff. They rekey a transaction or use a stolen card number to make fraudulent purchases. They could also enter a stolen card's details and artifically inflate the transaction amount before demanding a refund onto a different card. 

To identify if a transaction was manually entered, look for an indicator such as (m) on the receipt, showing the card details were "hand-keyed". 

 

In the above example, the '(m)' displayed after the last 4 digits of card shows that the transaction was 'hand-keyed'. When refunding, make sure to always refund to the same card.

The below codes indicate the card payment method:

  • (c) Contact - applies to cards swiped and inserted.
  • (t) Tap - card was tapped.
  • (m) Manual entry - card details were hand-keyed.
  • (f) Technical fallback - the terminal was offline at the time of the transaction, and the transaction will be re-attempted at settlement.

How to prevent terminal takeover?

  • Secure your equipment: Keep HICAPS terminal out of reach from the public. Ensure they are always within your line of sign or securely stored. 
  • Staff training: Make sure your team understands the risks of terminal takeover and how criminals may try to distract them. 
  • Limit access: Only a few trusted employees should have access to process refunds, and password should always be kept secure. 
  • Monitor transactions: Regularly check that the transaction amount remain consistent. Criminals may adjust amount to fraudulently claim refunds. . 

 

What is a terminal theft?

Terminal theft involves criminals stealing your HICAPS Terminal and replacing it with a compromised one. This could expose your business to chargebacks or unauthorised refunds processed to the theef's account. that looks the same. 

How can I prevent terminal theft? 

  • Verify identify: Always ask for photo ID from anyone claiming to represent HICAPS or Verifone
  • Check serial number: Match the serial numbers on the terminals with the one displayed on the screen.
  • Secure access: Restrict unathorised access to your terminal, and ensure youre staff is trained to spot tampering.
  • Keep a record: Maintain a list of your terminals, including model and serial numbers, and regularly check for signs of tampering

What is refund scam?

Refund scams occur when a customer asks for a refund to a card different from the one used for the origincal transaction. Refund must always be processed back to the original payment card. 

How to prevent refund scams? 

  • Secure refund process: Use a unique password to process refunds. Only trysted employees should have access to it. 
  • Monitor refund amount: Ensure the refund amount matches the original transaction. Be cautious if a customer requests an unusually large refun or attempts to manipulate the termina. 
  • No third-party transaction: Never accept payments on behalf of another person. Criminals often use this method to access stolen card funds. 

Password security tips

  • Keep password hidden: Do not display or write down the passwords near the terminal. 
  • Update regularly: Change passwords when staff leave or if there's a high turnover. 
  • Limit access: Only allow managers or supervisors to process refunds to reduce the risk of unauthroEnsure the password is not visible to customers.

 

Learn more: 

If you need further guidance on securing your HICAPS terminal refer to the HICAPS Trinity User Guide

Industry partners

We work closely with industry and regulatory bodies to keep you informed and protected. Here are some helpful resources: 

 

Stay informed and protect your business with these free security toolkits: