10 tips for keeping your ecommerce startup safe this festive season


It’s the end of the year and it’s time to shop. If you own an e-commerce platform or sell stuff online you are probably hoping that common sense prevails and the mouse click wins over the cheery festive music in the mall.

It’s also a time when you need to watch out for fraudulent behaviour. Here are 10 essential tips to stay ahead of cyber criminals this festive season.

1. Obtaining an authorisation code does not guarantee settlement by the bank

An authorisation merely means, at the time of request, that the card had adequate funds in it and had not been reported lost or stolen or is not in arrears.

2. Be careful of cancelled transactions

Frequently after a transaction has been processed, fraudsters cancel that purchase. In this event, you are required to reverse the transaction on the card number that the original payment was made on. Do not refund the transaction on another card number and do not make a deposit to a nominated bank account.

3. Be careful of the same card number being used repeatedly at your website

You should also be wary of repeat purchases being made from the same IP Address or computer.

4. Remember that as a merchant you are required to ensure delivery of goods

If you outsource courier services, make sure you choose a reputable company that understands the value of being on time and goods arriving in one piece.

5. In the event of someone wanting to collect the goods, limit the collection agent to the cardholder

This will allow you to take an imprint of the card and get the client’s signature. Also make a note of vehicle registration details. Remember point four above.

6. Be particularly alert with large transactions coming from a domain like Gmail, Yahoo and others

Clients who would be making a large transaction would most likely have a personal or a business e-mail address.

7. Be wary of that “spectacular sale” that will add great value to your business

“Too good to be true” is frequently just that.

8. When requesting customer details, insist on a landline as primary contact

Even if they’re not able to provide one for home, they should be able to provide one for their place of work. Or, failing that, a compliant relative.

9. Be particularly alert when requested to make foreign deliveries

Ask questions such as do I know the client, who am I dealing with, and have I done the necessary checks?

10. Most importantly, always choose a payment partner that is 3D Secure and PCI DSS compliant

Ask your payment partner whether they regularly go through PCI DSS audits. Also ensure that they us an additional fraud detection and prevention platform like ReD which will further protect you and your customers.



Sign up to our newsletter to get the latest in digital insights. sign up

Welcome to Ventureburn

Sign up to our newsletter to get the latest in digital insights.