Avoiding credit card terminal refund fraud

Effective date: Informational

Credit card terminal theft is increasing, allowing criminals to send fraudulent refunds to their own prepaid gift cards. We want to make sure you are aware of the steps you can take to help avoid this type of fraud.

Terminal security best practices
• Ensure that all terminals require a passcode for refund transactions.
• Don’t use default, generic, or guessable passcodes, such as 1234 or your business address.
• Ensure that your terminals are in a secure location, especially when unattended.
• Don’t post passcodes near terminals.
• Review transaction history to verify refund transactions.
• For Clover® devices:
o Ensure that the Employees app is up to date, deleting employees who no longer have a business need for access.
o Configure the permissions so only an administrator can issue a refund for a previous sale transaction.

In the event of terminal theft and refund fraud
First, contact your local law enforcement to report the stolen terminal(s). Then contact the Merchant Services Help Desk at 1-800-451-5817 for additional assistance to remove the terminal(s) from your account.

If you have any questions about the specific steps to protect terminals supported by Wells Fargo (Clover, FD150, or Verifone®), please let me know.

The Clover® name and logo are trademarks owned by Clover Network, Inc., an affiliate of First Data Merchant Services LLC, and registered or used in the U.S. and many foreign countries.