Merchant frauds have seen a massive growth in the last few years. Find out how you can wisely tackle merchant fraud and protect yourself from its threats.

As we usher into an era of unprecedented technological advancements, we realize that frauds have become an everyday occurrence. As a result, we no longer get surprised as we used to when we hear some merchant or the other got duped of millions of rupees. 

Among the plethora of frauds plaguing us, we have often forgotten that merchant fraud remains one of the major pain points and is costing e-commerce vendors some severe financial loss. 

Merchant fraud detection has not found the traction they deserve because they are hard to detect. In addition, details about them are often lost in the complexities of digital payments. As a result, while much work has ensured merchant fraud prevention and detection, the results are far from acceptable. 

This article discusses the types of merchant fraud and some tips that you may find handy. 

What are Merchant Frauds? 

The year 2020 saw a staggering 220% increase in merchant frauds and phishing compared to the last year. 

Before we discuss what merchant fraud is, you must understand how a card-based digital payment works: 

A credit card or a debit card payment cannot be processed without a merchant account. As soon as the customer places an order, the payment processor checks if they have a sufficient balance in their account and authorizes the transactions if they meet all the conditions. They then shift the funds from the issuing bank to the merchant account. Once the e-commerce vendor confirms the order, the amount is transferred to the seller after some days. 

So, What Leads To Merchant Frauds? 

Also referred to as fake merchant frauds, most such transactions do not involve actual merchants. Instead, the merchant account is illegally managed and operated by criminals or fraudsters. These accounts process credit card transactions to steal credit card holders’ data and then use it to make fraudulent purchases. 

Merchant Vs. Transaction Fraud 

While merchant fraud also involves transaction fraud, these two are different. Transaction fraud happens at the user-end and comprises unauthorized transactions, chargebacks, and more. Here, the fraudster employs phishing or uses data from a leaked database to generate financial details required for carrying out transaction fraud. 

In contrast, merchant fraud occurs when the fraudster becomes an imposter and uses measures beyond the end-user’s essential due diligence. These are done to dupe the authorities or individuals carrying out the transaction.

Types Of Merchant Frauds 

Merchant frauds come in several types and forms, and here are the most popular ones you are likely to come across:

Types of merchant frauds prevalent these days

Bust-out fraud 

Bust-out fraud refers to circumstances where merchant accounts are opened to dupe buyers and not for carrying out a legitimate business. Most of these accounts are short-term, and the fraudster carries out a bunch of transactions and then abandons the account without repayment. 

Transaction Laundering Or Factoring 

Several high-risk ventures require payment through secure merchant processing. It entails lower costs and far less risk of running under the government scanner. So, the fraudster uses the merchant partner details to carry out transactions across shadow sites without them knowing the same. Such transactions are even difficult to track given the multitude of other transactions the merchant processes every day.  

Identity Swap 

Here, the criminal uses the merchant account to launch a legitimate online store and uses it to bypass AML (Anti-Money Laundering) rules. They use it as a cover to carry on shady transactions and solicit funds. As the name suggests, the criminal takes over someone else’s account and makes the requisite transactions under their name. 

Business Remodeling 

In these cases, the fraudster establishes a low-risk merchant category business to avoid prying eyes and acquirer scrutiny. Once the KYC is complete, and the account is set up, the fraudsters remodel their business and start selling items of their choice. It is one of the easiest types of merchant fraud to carry out. 

Tips For Managing Merchant Fraud Risk 

With merchant fraud risk looming large, you must take the requisite steps to ensure merchant fraud detection and prevention timely. Here are some tips that would help you prevent yourself from falling into the trap: 

  • When you collect sensitive data about customers, such as their payment card numbers, bank account details, identification, and names, ask how you want to keep it to ensure optimum security. 
  • In addition, make sure you scrutinize who has access to the data and if they require the same. 
  • Unless the data is crucial for your business, make sure you do not store it on the server redundantly. Merchant fraud prevention can be easier if you destroy sensitive data from locations accessible to hackers. 
  • Use tokenization instead of attaching loyalty programs to each customer’s card numbers wherever possible. It would enable you to manage your reward program without storing critical customer information seamlessly. 
  • Have a stringent periodic check to understand who and why an employee has access to your payment servers 
  • If you are using remote access, ensure that it is secure to prevent unwanted access. 
  • If you are dealing with a third-party integrator or reseller, make sure they are PA-DSS compliant. 


Having a merchant account is a massive responsibility. So, you must undertake optimum due diligence and ensure that the sensitive data you store is safe from unwanted access. Moreover, with losses from merchant fraud risks increasing every passing year, you must set up a robust security system and take advantage of BIG data to filter fraudsters and minimize the chances of scams.  

Ultimately, to avoid merchant fraud, the best way to go about this is by opting for a secure payment gateway for your e-commerce website. With PayU’s additional security and many other features, fraudulent activities are not for you to worry about.