Payment Security

Payment Security

10 Tips To Protect You And Your Money From Fraud

Faud Prevention Tips

You know the importance of protecting your money, your personal bank information, and your identity. But it can be overwhelming to think of all the ways that you could be at risk. Fraudsters and scammers still exist (rampantly) for a reason: they are good at what they do. They can be convincingly official. Their scare tactics and sales trick work. 

What you need help with is how to protect yourself. Here are 10 simple steps to do now and keep in mind always whenever you’re on and offline. 

Protect your money: 10 tips for fraud awareness

1. Strengthen your passwords

The strength of your passwords is your first and, in some cases, the only line of defence against fraud. If it’s easy to remember, it’s probably easy to steal. The same goes for your security questions. If the name of your first pet is all over your publicly accessible social media networks, for example, it shouldn’t be a security answer.  Every website, bank login, e-commerce site, email, social account, Netflix login, and so on should have a strong and unique password.  

Consider using an application such as LastPass, which generates and saves complicated, long and secure passwords. If you’re using a password management system, be sure to create a secure password for your account and always log out after every use on your devices.   

2. Use multi-factor authentication and identity verification

Beyond securing your login information, consider setting up two-step authorization wherever possible. More online platforms, websites, and services are enforcing multi-factor authentication and identity verification before payments and logins can be completed. This is an important layer of defence, especially for any and all digital payments. Devices that have fingerprint and facial recognition entry points are another good way to protect yourself against fraud.  

3. Consider what information you share with who

Your personal information should be protected and treated with the utmost care at all times. Never share your social insurance number (SIN) (except with your employer or the government). Be careful of who has access to your personal bank information. In the wrong hands, personal identifiers such as your name, address, birth date, SIN, and bank information can lead to identity theft and fraud. 

Scammers could open bank accounts, make online purchases, draw money from accounts, apply for mortgages, jobs, and so on. Make sure that you know who you’re giving information to—and why. 

4. Follow your instincts when it comes to spam

Unfortunately, scammers and fraudsters are getting more clever and persistent in their ways. Phone calls that seem official and threatening. Emails that you have won a too-good-to-be-true prize. Popups for ads that might be useful. E-commerce sites that sell something you want. If something seems phishy, it very well could be. Follow your instincts with threatening calls and suspicious websites. 

Hang up and call the official number of said service back. Wait for an official letter in the mail. Call your bank or government if you suspect that your accounts or identity have been compromised.     

5. Consider how you pay

Paper cheques have all of your personal bank account information listed at the bottom, your name and address at the top, as well as your signature. This is everything that a fraudster needs to steal your identity. Especially if it’s intercepted in the mail. Wire transfers and pre-paid cards can also be risky as it’s hard to get your money back if intercepted. Credit cards, debit cards, and digitized cheques, on the other hand, have built-in fraud protection that helps secure your money in most cases.   

6. Make the connection

Always initiate contact with official services such as banks, employers, and governments. They will never call or email you if it is important. When in doubt, call the official number back, not a number given by a caller or emailer. 

7. Avoid clicking unknown links, emails, popups, and downloads

The same goes for official emails and services. Never click through to a link. Go to the official website, platform, or service page. Never open unknown emails. Never click on links within emails or websites before checking them first. If you hover over the link, without clicking on it, the URL will appear below. Ensure that it is the correct link before clicking on it. 

8. Secure your devices with up-to-date security software

Your desktop, laptop, and mobile phones should all be protected by up-to-date popup blockers, security software, and malware detectors. Ensure that you are protected wherever you browse, click, shop, or make payments online.

9. Practice safe online browsing

Having security software working in the back-end to protect you is important. However, do your part to practice safe online browsing. Never click unknown pop-ups or suspicious ads, links, chats, emails, prizes, videos, downloads, and so on. If you do, immediately close the link and do not fill out forms or share any personal information.

10. Consider tokenized digital payments

Many websites and platforms are turning to tokenized systems for extra security and less risk. Tokens are algorithmically created numbers that represent your personal bank information. This means that your actual account information is never shared, transferred, or stored during online shopping or digital payments. 

VoPay, for example, uses tokenization to secure all digital payments—from online shopping to paying bills and transferring money online. 

Learn more about VoPay and secure digital payments.

read more
Payment Security

Tokenization: The Secret Key to Payment Security


The rise of digital shopping triggered a world of innovations that boost security and consumer experience. Tokenization is among them. Of the 2.1 billion digital buyers worldwide, most of them may never know what tokenization means—or what it means for the future of their personal data security. 

The not-so-secret world of tokenization

Apple Pay, for example, became the market leader over Starbucks in 2019 with 30.3 million users or 47.3% of mobile payment users in the U.S. What those consumers probably don’t know is that Apple Pay uses tokenization. Apple customers take a photo of their credit card and load it into their iPhone. From this, Apple creates a random, algorithmically generated number—a token—that represents the credit card information. 

Likewise, in late January 2020, Visa released the Visa Token Service (VTS) that is estimated to process a combined e-commerce volume of $1 trillion. According to Visa’s Chief Product Officer, Jack Forestell, “as digital transaction volume grows, there has never been more urgency to build increased confidence in the seamlessness and security of online shopping. This is why Visa is committed to the success of the click to pay experience and the added level of security that tokens bring to electronic payments.”

Extra security measures for consumers and retailers alike are essential as more consumers spend online. Over the 2019 Christmas shopping season, for example, consumers spent $125.6 billion online. More than a third of that spending took place on their smartphones. Currently, 69% of U.S. consumers store a card-on-file or set up recurring billing with trusted retailers. 

However, storing sensitive banking and personal information is a security risk and liability for merchants, e-commerce sites, and retailers. That’s where tokenization comes in.

What is tokenization?

Tokenization adds a layer of security to consumers’ sensitive information, such as bank account and credit card details. It protects sensitive data by replacing it with a unique and randomly generated number. This number is called a token. Tokens help the organizations and retailers securely store and transfer information. 

Not only do tokens replace sensitive numbers and data with an algorithmic number, but they also retain the essential information. Think of them as a unique code to a lockbox full of information. The bank account and accompanying personal data are stored in a secure token vault. 

Rather than using credit card information to make digital payments or purchases, tokens are used. These tokens can be stored in and passed through e-commerce sites and wireless networks without ever sharing actual bank account or personal details. In fact, most retailers and e-commerce sites will never see or have access to a consumer’s actual bank information, even if the token is specific to that retailer.

Instead, they work with secure third-party technology companies that connect a token purchase back to the original bank account information—and arm themselves with enhanced security features. Which brings us to our next point.

VoPay on tokenization: The future of payments

Payment experts are seeing an uptick in tokenization as more organizations move away from encryption. This is because tokenization is a more cost-effective, secure, and user-friendly way to protect sensitive consumer data. 

VoPay’s Intelligent EFT / ACH (iQ11) payment service, for example, accepts tokens from numerous leading data aggregator companies including Plaid and Flinks. These secure API partners create and store their own secure tokens. This means that a user can skip all of the authorization access and bank account selection steps while they’re shopping online. This streamlines the payment check-out experience even further than ever before. Once a user has granted access and their data is tokenized, there’s no need to ever do it again. 

With VoPay’s next generation bank payment service, only tokens are ever shared between consumers and retailers—not sensitive bank account or credit card information. By streamlining this experience, security, and integration, we’ve been able to create one unified token that can unlock an entire digital ecosystem.  

Learn more about VoPay today.

read more
Payment Security

How to Make Online Shopping Even More Secure

Fraud Prevention

Digital banking, mobile transactions, digital payments, and e-commerce are synonymous with consumer and retailer convenience and experience today. They are an integral part of how we function as a globally connected society. Despite this, they’ve also increased the risk.  

Money fraud, credit card fraud, online and mobile scams, identity and information theft, among many other cybersecurity risks have been on the rise for years. For example, in digital CNP (Card-Not-Present) transactions alone, such as with e-commerce shopping payments, retailers are set to lose $130 billion in fraud between 2018 and 2023

According to another study, the most common form of e-commerce fraud that caused merchants stress were identity theft (71%), phishing (66%), and account theft (63%). Most often credit cards were the target because the fraudster did not need much information to complete a CNP transaction, which we’ll discuss shortly. Likewise, 43% of retailers say that a top challenge is verifying a consumer’s identity digitally

It’s no wonder why retail fraud attempts are doubling year-over-year and have have tripled since 2017. Today we’ll briefly discuss the plethora of both simple and sophisticated digital money frauds and risks to watch out for as you shop online as well as tips for keeping your money safe online. 

Top examples of online money fraud—and tips on staying safe

Identity theft 

Identity theft has perhaps the most serious and scariest consequences if you fall victim to it. This is where your personal information, such as your Social Insurance Number (SIN), name, address, and bank details, have been compromised by a fraudster. These imposters can use your information to open new credit cards, lines of credit, and make purchases in your name. Identity theft victims can even end up with false criminal records.  

According to a 2019 Identity Fraud Study by Javelin Strategy & Research, the number of identity fraud victims in 2018 was down to 14.4 million from 2017’s record high of 16.7 million. However, 2018 victims tended to have a much larger financial burden.

Safety tip: Avoid sharing your personal financial information and never divulge sensitive account details to strangers or unknown sites, emailers, phone callers, etc. Only make online purchases with credible e-commerce sites. Monitor your accounts frequently and be careful with your receipts and printed financial statements. 

Here are more great tips to avoid identity theft.

Credit card fraud and money risk

Credit card fraud is a type of identity theft and consists of two kinds: existing-account fraud and new-account fraud. With existing-account fraud, the fraudster accesses your existing credit card by stealing your information and/or login details from you or a retailer. For example, if an e-commerce site is hacked or you fall victim to a phishing attack and share account details, the imposter could make online CNP purchases. 

New-account fraud is more similar to identity theft in that the fraudster uses your SIN, address and other personal information to open a new credit card account in your name. Most often, and in both cases, the fraudster will start out by making small purchases to ensure that the cards work before making larger purchases. 

Safety tip: As a consumer, never share your financial information and always check the credibility of a website, ATM, gas pump, and other various digital payment methods before you buy. As a merchant, e-commerce shop, or institution, ensure that your website and any third-party applications or partners are armed with up-to-date cybersecurity and fraud detectors. 

Card-Not-Present (CNP) transaction fraud 

CNP fraud is rampant in our digital landscape and is a form of credit card fraud. An example of this would be if a fraudster gained access to your credit card information—security code, expiry date and all—and made online purchases easily. Thankfully, many merchant’s banks are required to reimburse the fraud victims when a CNP transaction is fraudulently made at their expense. 

Safety tips: Many merchants and banks have a number of fraud mitigation solutions built into their coding or through third-party applications and cybersecurity vendors. It is up to e-commerce sites to protect payments data and their consumers from fraud. Consumers should follow the same tips as above to protect their information from all types of scams, fraud, and risks.

Investing in fraud detection and prevention for the future

According to a recent Juniper study, digital payment players, such as ourselves here at VoPay, will spend $9.6 billion annually on Fraud Detection and Prevention (FDP) solutions in 2023. The bulk of this spending growth in 2023 is likely to be driven by financial institutions and payment service providers, rather than by retailers. The study predicts that this is largely due to a heightened awareness of FDP benefits among the digital payments providers.

How VoPay keeps consumers and merchants safe 

Not only has VoPay, a leading digital payments solution, invested in cybersecurity, but we also lessen the risk of credit card fraud, CNP fraud, and even identity theft. Here’s how: unlike traditional bank account payments, VoPay generates and shares a token, not a bank account or credit card information, between a consumer and a merchant. 

This allows for increased security and privacy for both the consumer and the merchant. For the merchant and institutions, VoPay’s risk intelligence software is designed to automatically and proactively prevent payment fraud. 

Learn more about VoPay and secure digital payments. 

read more
Payment Security

How Secure is Your Cheque Book?

cheque fraud

At the bottom of every cheque is your bank’s branch transit number and financial institution number, as well as your personal bank account number. At the top is your full name and address, and, if you’ve signed the check, your signature. In short: everything necessary for someone to commit cheque fraud and put your money at risk.

Cheque fraud and security in Canada

Even though cheque use has been declining over the years, Canadian financial institutions still process almost a billion cheques every year. With such a high volume of cheques travelling between consumers, post offices, banks, and businesses, they are a target for fraud and identity theft. Likewise, if a cheque is stolen or lost it cannot be replaced or cancelled as easily as credit and debit cards that have built-in security features. 

In fact, CIBC’s privacy and security policies state that cheque fraud is one of the oldest and most common forms of financial crime. For example, with fraudulent or counterfeit cheques, criminals create counterfeit cheques or change the details on a real cheque for their financial gain. 

How often does cheque fraud occur? More than you might expect. The most recent Statistics Canada research found that 29 percent of fraud against banks was cheque fraud. There are three main types of cheque fraud:

  1. Counterfeit: Cheques not authorized or written by the account holder
  2. Forged: Stolen cheques which haven’t been signed by the account holder
  3. Altered: Legitimate cheques that have been intercepted and altered

The traditional way of protecting yourself from cheque fraud

To protect yourself from cheque fraud, financial institutions suggest rather dated ways to keep your cheques secure. They suggest locking your cheques away in a secure location. Keeping track of cheque numbers and amounts. Double-checking with the cheque sender that the information was correct and legitimate. Reviewing monthly bank statements regularly and notifying your bank if there is any unusual activity. 

But that is all very manual and reactive, rather than proactive. Besides, do financial institutions have policies to review signatures and for fraud on cheques? What happens if you do become the target of cheque fraud? 

How do banks verify cheques?

Global News found that many banks have a policy to not review signatures under a certain amount. That certain amount is usually $5,000, which can make a serious impact on a person’s financials or small business’ bottom line. One bank spokesperson said that it is policy to verify every cheque either by a teller or with an automated system, but because of the volume of cheques cashed every day, that some do get through without being flagged. Lower dollar value cheques and those cashed through an ATM tend to not get flagged.  

In the Global News article, one Calgary business owner discovered a cheque that had been written from his business account by someone other than him for $2,700 to someone he had never met. He contacted the bank immediately when he noticed the issue, however, they initially said they would not do anything because he waited too long to notify them. Since the article came out, they did, in fact, reimburse him.

Counterfeit cheques cost businesses more than money

The Bank of Canada states that “any individual who, knowingly or not, accepts a counterfeit bears the loss.” Counterfeit cheques can be a serious financial loss for both the individuals involved and the businesses, especially if they cannot be reimbursed. Not only do fraudulent cheques often go undiscovered for some time, but they may also impact a business’ cash flow and profits, depending on the amount. 

Beyond financial loss, bad cheques take a toll on public confidence—both of the banking system, the security of the cheques, the individuals, and the businesses involved. Regaining trust is difficult and takes time. 

Interestingly, 90 percent of people who use third-party applications and e-commerce sites to store payment information are confident that their financial information is secure. 

Learn more about VoPay’s direct payments through secure digital banking. 

read more