Online credit card fraud against small businesses

Kate Charlton and Natalie Taylor
ISBN 0 642 53846 8 ; ISSN 1326-6004
Canberra: Australian Institute of Criminology: 2004
(Research and public policy series, no. 60)

Glossary of terms

Cardholder

The legitimate owner of the credit card used to purchase goods or services from the business.

Chargeback

The amount of the transaction which the cardholder disputes, which is then removed from the bank account of the business in order to reimburse the cardholder. In this report, this amount is equated with the amount incurred from an incident of fraud.

Chargeback fee

A fee imposed on the retailer by their financial institution, in the event that a chargeback is issued.

'Clicks and mortar'

A business which trades online as well as having an actual physical store for customers to visit and purchase goods.

Customer

The person making the online purchase (not necessarily the cardholder).

EFTPOS

Electronic funds transfer at point of sale.

Electronic authorisation

The authorisation of a purchase using a designated credit card, which verifies that the account linked to the card is active and has sufficient funds to allow for the purchase. This can be done over the internet using a bank-facilitated web link (while the customer waits) or at a later stage by the retailer, using either a manual EFTPOS machine or by contacting an authorisation hotline. This process does not verify the identity of the customer, nor does it process a withdrawal from the customer's account.

Online trading

The sale of goods and/or services over the internet. Customers must enter and submit their credit card details online; the sale will often proceed without the retailer and customer ever having personal contact. Excluded from this definition is the practice of retailing through a central web site operated by another party, either a franchise head office or an external company, such as Interflora. It should be noted that the term 'online trading' does not refer to buying or selling shares over the internet. It also does not refer to accepting credit card details via email.

Online credit card fraud

A fraudulent purchase made online which is either not submitted by the legitimate cardholder or later claimed to be fraudulent by the cardholder.

'Pure clicks' business

A business which operates solely through online trading, without the need for a store.

Small business

A business employing fewer than 20 full-time personnel (ABS 2001). The terms 'retailer', 'trader' and 'proprietor' are used interchangeably in this report and all refer to a small business.

Scope of the report

Given that fraud is a wide-ranging term that encompasses a variety of crimes, it is important to identify the specific type of fraud which this report examines. Online credit card fraud - the crime investigated in this study - cuts across three broad categories of fraud:

• credit card fraud - for example, telephone credit card fraud or over-the-counter fraud;
• financial fraud - for example, misappropriation of funds (KPMG Fraud Survey 2002); and
• internet fraud - for example, auction fraud, letter scams (National White Collar Crime Center & FBI 2003).

The current research does not address all three of these broad types of fraud. Rather, it focuses exclusively on online credit card fraud perpetrated against small businesses that accept credit card purchases over the internet.