Don’t Be a Fraud: Secure Transactions, PCI Compliance, and Fraud Alerts

Secure Transactions

*Post updated 3/16/2016

Avoiding fraud and keeping your donors’ information secure is a high priority for any nonprofit in today’s world. Greater Giving has a wealth of experience in helping nonprofits offer secure credit card transactions. Below are three of the biggest hazards faced by nonprofits and what to do about them:

Obtain a Signature on Delivery

Your auction is over and you are sending items to the winners. If you do not know the cardholder (if the person is not a member of your organization or does not have children in your school, etc.), pay the extra charge to get a signature on delivery (UPS, FedEx, USPS) This will provide you with a record that the item was actually delivered, should any question arise later.

Refund Transactions to the Original Credit Card

If a bidder or donor asks for a refund for a transaction, make sure to issue the refund in exactly the same manner as the original transaction. This is true for all transaction types. For example, a donor contributes $1000 by credit card on your donation page, but only meant to contribute $100. If he requests a credit for the extra $900, do not send a check or issue a refund to a different credit card. Only issue the refund to the original credit card used for the $1000 donation. That way you know for sure the money is going back to the person who made the transaction, not to someone else.

Watch for Suspicious Activity

Watch your organization’s online transactions carefully for any suspicious activity. For example, maybe you notice several $5.00 or less transactions from the same cardholder or see that a cardholder has entered gibberish for their contact/address information. If you see something out of the ordinary, take steps to refund the transaction(s) to the original credit card. For Greater Giving clients, we are happy to give you a second opinion on any suspicious transaction. Just call our Client Services department at 1-866-269-8151 for assistance or through our online chat.

Additional Items to Keep in Mind

  • Security Code—When collecting credit card information, many online transactions will require the security code for the card. If you collect this information, or end up with it at any point, destroy it immediately after one-time use. In most cases, this is the 3-digit number on the back of the card, frequently referred to as CVV. American Express cards have a 4-digit number on the front of the card (and the card number itself is only 15 digits instead of the standard 16 digits).
  • Written Documentation—If a dispute does occur, you will need written documentation of your transactions to prove authorization or participation of the cardholder. Most credit card companies now accept email as adequate proof that a transaction occurred.
  • PCI Compliance—Make sure your online credit card transactions are PCI compliant. The Payment Card Industry Data Security Standards (PCI DSS) were developed by the major credit card companies as a guideline for companies to avoid fraud, hacking and other threats. Greater Giving’s PCI compliance process includes a quarterly review and an annual on-site accreditation, making us a Level 1 vendor, the most secure level achievable.

With a little attention to detail and excellent record-keeping, you can avoid the most common transaction frauds faced by nonprofits today and never lose the much-needed funds raised for your mission!


Share your thoughts