Payment fraud is always a risk to businesses, and it can have significant costs. Fraudsters have become ever more savvy at illegally obtaining information online. Email, instant messaging and even online auctions are all means with which hackers can attempt to steal sensitive data.
It’s essential that businesses protect themselves. B2B payments within travel are no exception. The evolving threat demands that companies of all industries and sizes be agile and prepared against fraud risks.
There are various features within our portal which, when used effectively, can help limit the risk of fraud:
Creating single-use cards
You can create single-use cards via the portal, this means the card can only be used once. After the card has been used, the card details cannot be used again.
If you need to generate multi-use cards, use the shortest possible expiry and make use of our scheduling feature.
Setting card limits
You can set card limits when creating cards on the portal, which means a supplier can only settle a card for the agreed value.
Short expiry date on cards
Pax2pay cards by default have a 1 month expiry. If the card has expired, the card cannot be used which can protect you against potential fraud.
Future scheduled date
When creating a card, you have the option to input a future schedule date, which means the card cannot be used until the date you have agreed with your supplier.
Payment link expiry date
When sending the supplier the card details using the Pax2pay email feature, you can select a timeframe you would like the supplier to have access to the card details. Once the card payment link has expired the supplier will no longer have access to the card details. Keep this as short as possible.
Managing users within the Portal
Ensure you actively manager users on the portal. Remove them if they leave your company and only give access to those that need it. Once we set your account, it is your responsibility to ensure you mange your users access.
When sending cards to suppliers:
- Only share card details with a trusted individual
- If you are sharing the card details with your supplier via email, ensure the recipient has sole access to their inbox
- Ask your supplier if they are PCI compliant. If your supplier is compliant they will ensure your card details are kept securely
- Make it clear to the supplier what the cards should be used for, so they only use the goods and services agreed
- If a supplier asks for a new card to pay for a booking, make sure you verify the identity of the person you are speaking to - they should be a trusted contact. Do not issue a new card until you are certain the original card has failed and you've cancelled it.