One of the strangest things about working in the finance industry is finding out just how many people attempt fraud. Our new accounts team is constantly looking at applications to ensure that applicants are who they say they are (and engaged in a legitimate business), while our engineering team works hard to keep our systems secure. Our cards are designed for expense management, but the full controls are also good for stopping fraud.
We want to stop problems before the occur. When they do happen, we want to mitigate damage as much as possible. Stopping fraud is a priority because it is a huge hassle for our customers, even if they have no financial losses.
Over the Thanksgiving holiday weekend, someone hacked into a third-party system and captured information on hundreds of credit cards. Among these, our operations team found that 30 different Bento cards from different customers had been compromised. One of these cards was a Bento corporate card.
As soon as the breach was discovered, the cards were cancelled and the account holders were notified. Our customer support team set aside their pumpkin pie and kicked into high gear to make things right.
Because the fraud hit one of our cards, we saw exactly how our controls mitigated the damage. The fraudsters tried to make several charges of $30,000 each on mysterious websites based overseas. But the card wasn’t set up to allow those charges. Our CFO received several messages about declined charges, followed by a message that the card had been cancelled because it had been compromised. It all happened in a matter of minutes.
A lot of our clients saw declined charges over the holiday weekend, most of which were perfectly normal. Maybe an employee pulled out the wrong card while shopping on Small Business Saturday, leading to a denied charge of $50 or so at a local toy store. That’s no big deal. Those things happen. Using Bento saved you and your employee the hassle of figuring out reimbursement.
But when you receive a notice that someone is trying to charge $30,000 on mysterious websites based overseas, well, there’s something going on! Because of Bento’s full controls, the vast majority of fraudulent attempts are stopped cold. Hackers may be able to steal your card number, CVV, and expiration date, but they don’t know how much a card is authorized for, on what days of the week, and in what spending categories.