or wait 15 seconds
or wait 15 seconds
Darrin Heisey, of Partech Inc., chats with Brian Anderson, Modern Restaurant Concepts; Devin Handler, Garbanzo Mediterranean Fresh and Sunny Ilyas, of Vale Food Co., about fraud. Photo by Willie Lawless.
As financial transactions become increasingly digital, cyber crime becomes a bigger concern for all types of businesses.
Foodservice operators can protect themselves from fraud by following stringent security practices and using state-of-the-art transaction processing equipment, noted a panel of veterans during the Fast Casual Executive Summit in Austin. Darrin Heisey, director of product evangelism at ParTech Inc., a provider of point-of-sale and workforce efficiency technologies for retail and restaurants, served as moderator.
"I'll never win by making sure you (as a customer) have a secure transaction, but I will lose every time if that transaction isn't secure," said panelist Devin Handler, vice president of marketing at Garbanzo Mediterranean Fresh, a St. Louis-based Middle Eastern food truck and restaurant chain operator. "We're very good at monitoring this (theft) inside a restaurant, but this opportunity for death by a thousand frauds is everywhere."
Panelist Brian Anderson, director of technology at Modern Restaurant Concepts, a multi-concept restaurant platform, began the discussion by defining fraud. There is traditional fraud, such as credit card theft; employee theft; and new types brought about by technology, such as gift card fraud.
While credit card theft isn't new, the Internet has given rise to new opportunities for credit card scamming.
Stolen credit card information is available on the "dark web" that people can buy and use to make purchases. When merchants, including restaurants, notice small credit card purchases being made, there's a good chance it is a person testing stolen credit card information, the panelists agreed. Once the fraudster knows the stolen information can be used to make a purchase, they use it to make larger purchases.
"No one is ordering a cookie or a piece of baklava to be delivered through DoorDash, except for someone testing a card," Handler said.
The party whose information has been stolen can dispute the charge with the card issuer, in which case the charge can be reversed, leaving the merchant at a loss. The bigger problem for the merchant, Handler noted, can be the impact such events have on their reputation.
Stolen gift cards are another problem. Scammers use stolen credit card information to purchase gift cards, then sell the gift cards at discount on online auction sites.
"I don't offer electronic gift cards for that reason," said panelist Sunny Ilyas, founder and CEO of Vale Food Co., a healthy fast casual chain. "There are hackers that specialize in it. From a merchant standpoint, just to go through that disputing process I believe you get charged a flat $10 to $15. At that point, is it even worth it? Are you going to get these dollars back?"
Anderson also noticed a lot of chargebacks on catering orders. His company initially did not require card verification in the payment transaction process for catering orders. They then required additional information, and the chargebacks subsided. "Other ways to verify identity can easily mitigate your liability," he said.
Asking guests to provide their zip code, which many fuel stations require, is a huge help, Ilyas said.
Handler said he makes it a practice not to order products digitally if the vendor is not asking for information to safeguard the process.
Anderson said his company introduced EMV and near field communication payments a few years ago to make payments more secure, and he hasn't looked back.
"There are all these ways to make a payment electronically where no card information is ever exchanged between the consumer and your company," he said. "It's all tokenized information that's passed through the payment system that verifies that I can pay $12 for my lunch today. And generally, it's much faster than using a chip payment."
"As a segue, we got a better way to collect and distribute tips for our employees," he said. "If you're not using EMV payments and NFC payments, make an effort to get there because you're going to get all those benefits."
Anderson encouraged online payment platform developers to prioritize the integration with the major mobile wallets since they use NFC. "It's already enabled, it's completely tokenized, there hasn't been a way developed yet that it can be hacked … unless someone physically steals your phone … or clones your phone to verify the two-step on confirming your payment," he said.
In addition to all the new opportunities for fraud, mobile ordering and delivery has ushered in what Handler called "digital dine-and-dash" where the customer requests and receives a refund from their credit card company. "You lose the money, you don't know what happened with the guest," he said. "At least twice a month they can probably get free food before anyone starts noticing what's happening."
Employee training is critical to protect against fraud and theft, Handler said.
"Don't let someone who is not assigned to a cash drawer touch that cash drawer," he said. It is also critical to monitor that employees are following standard operating procedures. Fast casual restaurants tend to operate quickly and are prone to skip steps, he added.
Elliot Maras is the editor of KioskMarketplace.com and VendingTimes.com.