A lot of my clients do a lot of business taking EFTPOS payments over the phone (MOTO). It is a business risk, that most retailers know as the problem here is that in the event of a dispute it is the retailers that has to prove the cardholder approved the transaction.
The problem can be that if the shop is registered to do such MOTO payments, now let us say a customer comes in and buys some goods. They are given the terminal as above to process the EFTPOS and most salespeople purposely do not look at the processing of the transaction to reassure the customer that they are not looking at their security codes. What a fraudster can do then is cancel the transaction and while no-one is looking activate on some terminals the MOTO function. Then process the transaction. This will allow stolen EFTPOS cards to be used over the security limit. A short time later the retailer gets a query from the bank and almost certainly a reversal of the payment.
What I recommend is that you have cameras recording all EFTPOS transactions and if possible on the terminal that customers have access, disconnect the MOTO function.