For those about to sell, we secure you

18 Jun 2007

E-commerce may be making a welcome return, but prospective online sellers need to be aware of the threats and not just the opportunities.

The internet can be a vital additional sales channel but there are risks involved.

Two key considerations for any potential merchant should be to protect oneself from fraud and protect customer information from being seen by others.

As to the first consideration, data from the ATM Industry Association shows that cardholder-not-present fraud increased by over 21pc across Europe last year. The latter risk, meanwhile, has been brought into sharp focus this year by the TJX case, in which the parent company of the TK Maxx stores had customer credit card details stolen.

The TJX attack, it should be emphasised, didn’t involve a website at all but a vulnerable wireless network point. However, if it helps to concentrate minds on the need for strong security, then so much the better.

There are several telltale signs that an e-commerce transaction might be suspicious, says Sarah Conroy of the risk management group at AIB Card Acquiring.

“Things to watch out for are purchases involving bulk buys or where the customer is buying multiple quantities of random items,” she warns. “Do not accept orders from customers giving you a third party’s card number, claiming to be acting on behalf of a client.”

Another fraudster tactic is one where the cardholder uses different addresses with the same card details as before, or has the same delivery address but uses different credit cards for each order, Conroy points out. AIB business customers can call the AIB Authorisation Centre on 01 2697700 if they believe a transaction is not what it appears to be.

There are several ways to ensure against fraud, even up to the delivery stage. “If using your own delivery service, issue the driver with a manual imprinter and vouchers, with instructions to take an imprint of the card and get the cardholder to sign. Alternatively, use registered post or a reputable courier for delivery,” advises Conroy.

Both AIB and Bank of Ireland, the country’s two largest banks, offer services to business customers that let them process payments through their websites. In the real world, shops have a terminal at the counter to accept payments by debit or credit card. “We have the internet equivalent of that terminal,” explains Dermot Nolan, head of payment strategy with Bank of Ireland.

“Our solution is designed so that the seller doesn’t get the credit or laser card details of the buyer — that stays with the card company,” he adds. “The reassuring thing from the customer point of view is that their data isn’t given to anybody. Some of the merchants actually view this as a selling point — that there’s no possibility of the online seller doing anything with the data, unintentionally or otherwise, because they never have it.”

Research by Bank of Ireland in the final quarter of last year identified a buy/sell gap among businesses. A survey of 1,000 companies, mostly in the SME sector, found that while 34pc are buying goods and services online, just 9pc are selling them.

By contrast, Realex, an independent online payment processing company based in Dublin, has seen significant increases this year in internet sales volumes and in businesses signing up to transact online. The signs seem to point to a renewed appetite for Irish companies to trade on the web. But with security in mind, this charge to the web should be fuelled by caution and good sense.

By Gordon Smith