When merchants start accepting electronic payments for goods and services, they also open their businesses up to greater risks. While multiple fraud types can occur directly at the POS and through fraudulent chargebacks, merchant accounts are also prey to cybercriminals that hack systems to steal cardholder information, employee identification data or corporate tax numbers stored in the back office.
While all types of fraud are continually rising, identity theft, in particular, has skyrocketed. According to the 2015 Identity Fraud Study published by Javelin Strategy & Research, $16 billion was stolen from 12.7 million U.S. consumers in 2014, compared with 13.1 million who were victimized a year earlier. The report also concluded there was a new identity fraud victim every two seconds in 2014.
Although identity fraud is carried out in a number of ways, business data systems are a common target. And, despite the fact that access to business data and records is generally restricted by firewalls, encrypted security or old fashioned lock and key, criminals are constantly prowling around for loopholes in corporate operational frameworks.
The widespread adoption of electronic payments established a broader criminal playing field, and as the added risk has mounted so has the incidence of stolen card data and POS system breaches. The industry's answers – compliance programs like the Payment Card Industry Data Security Standard (PCI DSS) and EMV (Europay, MasterCard and Visa) chip-enabled cards – have helped businesses become more aware of the need for locking down this data. However, the criminals are now shifting focus toward online, mobile and other theft-friendly avenues.
Consequently, the theft of consumer card data and identity information during payment transactions isn't the only kind of fraud a business owner has to worry about. The 2015 tax season began with the IRS notifying all taxpayers and businesses that the incidence of tax fraud prompted the federal government to implement tighter measures for authenticating tax returns.
"According to the IRS, tax refund fraud is expected to hit a record $21 billion this year," said Michelle Schofield, Senior Director of Global Marketing at identity management and credentials company Jumio. "The growing issue of tax fraud has brought to light the need for increased verification."
Schofield also highlighted that even if consumers took steps to file early to get ahead of someone else fraudulently filing a return using their stolen identity, criminals would still be able to exploit loopholes and vulnerabilities to gain access to a victims' refund.
This is where business identity fraud comes into play. And, it's a very real vulnerability for which the feds have not yet provided added protections. An article recently published at BusinessIDtheft.org stated, "Tax refund fraud and tax identity theft have become wildly popular with street gangs, organized crime and many other criminal opportunists. The IRS National Taxpayer Advocate reports that tax-related identity theft has increased 650 percent since 2008."
The article stated that many businesses are falling victim to identity theft when fraudulent accounts are opened with just a stolen business name, address and employer identification number (EIN).
Furthermore, a federal EIN essentially acts as a business Social Security number, and it is commonly used for bank accounts, business loans, credit lines and merchant credit card accounts, as well as many other activities. Therefore, in addition to the threat of someone posing as a business owner to open credit lines or other fraudulent accounts, a business EIN is also a target for criminals interested in committing tax refund fraud.
According to BusinessIDtheft.org, these individuals must support a fraudulent tax return with legitimate statements of income. Therefore, the criminals use stolen EINs and business identities to forge W-2 or 1099 documents that trick the IRS into believing a tax refund is due.
These merchant fraud risks can only be overcome with adequate education and awareness ‒ a responsibility in which most members of the payments industry are deeply vested. To maintain customer satisfaction and the industry's fraud fighting reputation, it's smart for payment pros to alert their clients to the business risks associated with tax fraud.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next