Geoffrey Dexter, whose firm Millais Antiques specialise in antique arms and scientific instruments, was caught out after his credit card terminal failed to pick up a fraudulent transaction.
He sold a c.1875 four-barrelled Derringer pistol for £1100 in October last year to a buyer who gave details over the phone. When he ran the credit card details through the terminal it did not come up with any alert.
However, Mr Dexter later found out that the address given - in Edgware, north London - was not that of the card holder and found himself liable for the money.
He believes his credit card terminal had not been updated, but the latest machines check the postcode of the correct card holder and the first line of the correct delivery address - which was not the spurious address supplied.
"Police investigations showed that the address given was, in fact, an empty house," he toldATG. "If this protection had been added to my terminal it is almost certain that this item would not have been authorised for payment.
"After I was defrauded I was talking to the Federation of Small Businesses and also other colleagues who have more recently obtained terminals, and they were all quite horrified when I said I didn't have this facility."
Mr Dexter said dealers who have obtained such terminals more recently than him seem to have the postcode check as standard, and he is now urging others to find out if they have the latest machines. He has also complained to the Financial Ombudsman.
"My item was delivered and signed for, and the police have a copy of the signature. They traced the original house owner who had been away about six weeks, and they were squeaky clean. What seems to happen is these fraudsters stand at the bottom of the garden, know roughly what time the special delivery will come, and say 'Oh I'll sign for that now' as they appear."
Face-to-face payment with ID is the best way to reduce the risk, but that brings great inconvenience for buyers and can lose you deals. However, Mr Dexter had a suggestion for phone payments.
"If you feel you've got to do the deal on the phone, get the person to scan a utility bill, if possible, and send it to show that is the address with their name on it."
A spokesman for the UK Cards Association confirmed that it is the retailer who pays the price when things go wrong. "The very nature of card not present (CNP) transactions mean there is no opportunity to physically check the card or the physical identity of the cardholder, so the retailer is responsible for ensuring that the customer is genuine," he said.
"Our best advice is that businesses make sure they understand the risks and learn how best to protect their business from CNP fraud."
