North Texas Dentistry Volume 9 Issue 6 2019 ISSUE 6 DE | Page 20

fraud alert
HOW TO PROTECT YOUR PRACTICE FROM
FINANCIAL FRAUD
Financial fraud is a hydra. Every time there’s a leap forward in
security procedures, it adapts, growing new heads. Then there’s
the fraud that could be perpetrated internally—embezzlement.
Though there’s no fail-safe method for preventing it—especially
in a rapidly-changing environment—there are process controls
you can put in place to help protect your practice.
Protect the merchant number provided by
your credit card processor.
Though it may seem like innocuous information, that merchant
identification number can be used to access your account and
commit fraud against you. It makes it relatively easy to pretend
to be your office, and allow someone to attempt to make changes
to your account that could be used to set up new equipment for
illicit transactions or direct your deposits to a new bank account,
among other things. It’s important to remember the following.
Never give out your merchant ID number over the phone. Crim-
inals may call pretending to be your processor or claim you’re
not compliant, and ask you to verify account information. Always
make the caller give you your merchant ID number.
Redact your merchant ID number before sending your monthly
statements to anyone outside of your business. Most credit card
processors will do a cost analysis (for potential clients) based on
a previous statement. Out of the thousands of cost analyses we
do for offices, less than 5% take the simple step of blacking out
their merchant ID number.
20 NORTH TEXAS DENTISTRY | www.northtexasdentistry.com
by Jennifer Nieto
Card readers often have a sticker containing the merchant ID
number. Make sure it’s not easily visible to people outside the
office. The best practice is to truncate the number to the last six
digits, but not all processors do.
Before you get rid of a terminal, make sure
the memory is deleted.
When you purchase a new card reader or switch credit card
processors, make sure your processor deletes the memory on
your old reader by performing a quick software update to it that
removes the old application. Otherwise, someone might use that
terminal and your account without your knowledge. If you keep
the terminal as a backup, keep it locked up.
Use secure email when sending private data.
Credit card processing is a banking transaction, and requires
your tax ID, the social security number of the contract signer,
and a copy of a voided check (which contains your bank rout-
ing/checking account number). Make sure this information is
left off the signed contract and sent via secure email. If you’re
not using secure email, only provide this information verbally.
File for a hawk alert with the three major
credit bureaus.
Or sign up with a service that will do this on your behalf to pro-
tect your identity.