.... Internet marketing resources, ecommerce web site design tutorials
  Taming the Beast - quality web marketing and ecommerce development services .... .

 

Return to web marketing and ecommerce articles index


Preventing credit card chargebacks -  fraud screening strategies 

In the first part of this article, I outlined some frightening statistics regarding credit card fraud and chargeback fees to merchants. It's worthwhile reviewing if you haven't read it as yet; as is my guide to chargebacks

Protecting your online business from fraud.

One of the great things about the Internet is anonymity. One of the worst things about the Internet is anonymity - especially if you're an ecommerce merchant. If you utilize payment gateways for credit card transactions or are considering doing so, it is important to ask the gateway provider about their screening features (this precedes actual credit card payment processing). Some offer none at all or may not have certain features switched on by default!

Many payment gateway providers use the Address Verification System (AVS). AVS provides a degree of protection by comparing some of the billing details on the order to those held by the cardholders bank - But:

The transaction may be approved even if the address verification information does not match! The merchant faces the possibility of chargebacks if the payment gateway decides to continue with the transaction on a questionable match. If you have AVS features in place, check the settings in your interface. AVS should just be used as an indicator of a possible attempt at fraud; a flag to help determine if an order should be more thoroughly investigated.

Online fraud screening tools Fraud Screening Tools!
FraudLabs Credit Card Fraud Detection Web Service offers instant detection of fraudulent online credit card transactions. Try the free demo!

CVV2 takes things a step further. A CVV2 number is the three last digits located on the back of a credit card, or the four stand-alone digits on the front of an Amex card. It's certainly very useful for further minimizing fraud, but fraudsters can get hold of this information, so again, don't rely on this alone. Fraud screening really needs to be approached holistically.

The following fraud screening strategies are worthwhile considering whether you're using offline facilities for payment processing or third party credit card processing systems.

Request information.

While consumers value their privacy and require quick checkout processes, it is of the utmost importance that you gather sufficient customer identity details during the ordering process. The customers name, credit card number and expiry date is not enough. Tell your customers why you need the information and what you will do with it - after all, it's in their best interests too. The fewer chargeback fees you have to pay, the cheaper you can offer goods and services.

Check the IP address

It's important that each order processed from your site also contains information regarding the IP address of the person placing the order. An IP address is a unique network identifier issued by an Internet Service Provider to a user every time they are logged on to the Internet. 

The IP address can be easily traced using free tools such as Geobytes IP locator - it's the most accurate I've come across in terms of free services and there are other premium products around that offer additional features. 

If the order has a billing address of the USA, and the IP originates in Africa, you can be fairly certain it's fraud.

While this is a very good anti-fraud mechanism and useful for tracking fraudsters, be aware that IP addresses can also be forged.

Check your payment gateway interface

Depending on the type of payment gateway service you use, you may have access to a log of all attempted transactions, including declines - these will appear in the unsettled transactions list for the current day or you can run a search on previous dates. Look for a series of declined transactions around the time the order was made. These will usually be within a few minutes of each other and may note a variety of names and card details - but all a common IP. 

When fraudsters obtain a list of credit cards from wherever; these are often distributed to other fraudsters as well. They go to work on them right away and as a consequence, some cardholders are alerted early on and their cards cancelled. Fraudsters using old data will often have to try multiple sets of details before finding a set that is still active. 

Shopping cart questions? Try our articles, guides and reviews!

Shopping cart software

Learn more about shopping carts or read our reviews of some the best shopping cart software around!

Need to learn more about merchant accounts or payment processors? Read our reviews & guides

Email address awareness.

Fraudsters rarely use their own "real" email address and with the proliferation of free email services, it is quite easy to establish a fake email account in under a minute.

Some online businesses now refuse to process online orders that list free email address services as the primary point of contact, opting to request from customers their ISP or business email addresses. This comes at a price; i.e. reduced sales. 

You can check an email address quickly by going to the originating domain and seeing if it provides a free email service. 

Shipping addresses.

If the shipping address is different to the billing address, be wary; although it is not uncommon for people sending gifts to others to request a different shipping address, or if the billing address is a post office box.

You'll rarely find a fraudster sending goods to the legitimate cardholders address; although this has been known to occur on occasion.

At the point of ordering, request a telephone contact number from the purchaser. State that you need this number in order to contact them if there are any problems. Many cardholders of compromised accounts have been alerted in this way. The fraudster more than likely won't give you his own phone number as he/she can then be traced. If an order is suspect, try to confirm the phone details provided are indeed that of the customer by checking a relevant online phone directory; then call the customer to confirm the authenticity of the transaction. Fraudsters hate merchant contact of any kind.

Log analysis.

There's plethora of site traffic tracking services and software available now that will not only return very valuable demographic data, but can also assist you in pinpointing the origins of fraud. 

Still one of the best ways to analyze your log files is manually.  By examining your logs carefully, you will be able to find out a suspect order's originating Internet address if it's not included on your order receipts (but most will these days). This tracking is made easier if you include a Time Stamp on each submitted order. If you find that an order originating from Russia states a billing address of Sydney on the order form, make further enquiries.

Most web hosts will have a server log available for your account. It's basically a text file that records every single request to the site, including images.  Contained in every request is an originating IP i.e. the ISP issued address of the computer that "asked" for the file.

If you aren't sure about how to access your raw server logs, enquire with your hosting service. Learn more about interpreting server logs.

credit card processing and merchant accounts

Looking for a better deal on merchant accounts?
Over 100 US businesses choose
Merchant Warehouse each day! Merchant Warehouse guarantees the lowest cost on credit card processing and merchant accounts.

Overseas orders.

Can be risky, but an important part of your online business - by refusing to ship outside your country, you may be leaving a lot of money on the table. 

It is very difficult to retrieve goods or apprehend fraudsters once the goods have left the country, so don't hesitate in making further enquiries with the customer or credit card company if an order seems suspect.  

Unfortunately, Eastern Europe is still a very high risk region for the origin of credit card fraud, with some online business owners refusing to process orders from that region.  Other high risk regions are Indonesia, Egypt, Turkey, Pakistan, Malaysia, Vietnam, Africa and Israel.

Unusual orders.

Unusually large orders requesting express delivery definitely warrant further investigation, especially if the customer has not purchased from you before. Customers are pretty cautious, and will tend to place small orders in the first instance to test the efficiency and integrity of your online business, or they'll make some sort of contact with you prior to ordering.

When in doubt, call the cardholder or bank.

I can't stress this enough - call the relevant credit card company or cardholder BEFORE attempting to process the order if in doubt... that extra 5 minutes may save you big dollars! Even if the order has been processed through automated systems, it's not too late to follow up before shipping the goods or providing the services. The idea is to deal with the situation before the cardholder is issued a statement, notices something on it that they didn't purchase and then contacts their bank.

Ask for photo identification

If you're dealing with high value items, I don't think it's overkill to ask for photo identification to be emailed to you if an order seems suspicious. You just need to weigh up the risks - possibly lose a couple of hundred dollars profit from a disgruntled client not willing to provide photo ID, or lose the couple of hundred dollars, plus the product, plus the chargeback fee and possibly your merchant account if you decide to go ahead with the transaction.

Make your anti-fraud policy visible.

Visual deterrents are still one of the most effective ways of minimizing crime. In a bricks and mortar store, signs and cameras do prevent shoplifting to some degree, especially amongst amateur criminals. Why not use the strategy on your site? 

Add bold notices and third party security seals to the checkout pages stating your stance on fraud and that systems are in place to monitor all transactions. Not only might this decrease attempts at fraud by wannabe fraudsters, but will also demonstrate to your clients that you take transaction security very seriously.

Web site security seal Site security seals!

Increase your conversions or double your money back!
Turn browsers into buyers by allaying their security, privacy, and business identity concerns with Trust Guard's industry leading trust seals and services
::
Article - what all ecommerce merchants need to know about PCI compliance

Other indicators

As fraudsters are often overseas in countries where English isn't the primary language, look for things like the incorrect spelling of common words, mixing up first name and last name fields, incorrect spelling of common names and street names, nonsensical email addresses and poorly structured additional comments. Again, none of these on their own indicate definite fraud, but it helps you to build a more accurate picture and better assess the risk.

Utilize specialist fraud screening services

Like so many online business owners, perhaps you don't have time to carry out rigorous fraud screening. With the increase in fraudulent transactions, many companies such as preCharge have sprung up to act as screening services to help minimize credit card fraud risks to merchants. preCharge offers a global screening service that's totally transparent to your customers, can be implemented with any type of cart setup and also offers a guarantee.

As with anything else related to online business security, nothing is guaranteed 100% effective, but the above fraud screening strategies will definitely assist in decreasing the amount of credit card fraud you experience - over time you'll also develop a gut vibe on transactions; so when your "spidey sense" tingles, ensure you take heed and investigate further.

Further learning resources

Dealing with friendly fraud

Payment Gateways and Merchant accounts - a beginners guide

Preventing and challenging chargebacks

Michael Bloch
Taming the Beast
http://www.tamingthebeast.net 
Tutorials, web content, tools and software.
Web Marketing, Internet Development & Ecommerce Resources
____________________________

Copyright information.... This article is free for reproduction but must be reproduced in its entirety & this copyright statement must be included. Visit http://www.tamingthebeast.net  for free Internet marketing and web development articles, tutorials and tools! Subscribe for free to our popular ecommerce/web design ezine!

Click here to view article index 

Online meeting & webinar software review
Powerful, easy to use collaboration tools that can help improve your marketing sales and training efforts. Learn more about these services in this review & try a free trial!

The best shopping cart software
Our reviews of some of the best shopping carts around - free ecommerce solutions  through to premium services offering affiliate programs, marketing modules & online soft goods delivery.  Shopping cart software guide 

Autoresponder software/mailing list manager
 Read our beginners guide and reviews of all-in-one autoresponder & email marketing software solutions.

Credit card transaction fraud screening!  Effective fraud screening is an essential part of running an online businesses. Fraud transactions cost you money and can threaten your merchant account. Pick up a stack of transaction screening tips in this free guide! 

Need some advice/tools for writing/creating a web design, development or marketing proposal?

 

 

 

Home

 

Get paid cash taking online surveys - free to join online 
survey companies that will pay you cash for your opinion!

In Loving Memory - Mignon Ann Bloch

copyright (c) 1999-2011  Taming the Beast  Adelaide - South Australia 

Profile - Contact - Privacy - Consultants Portfolio 

Search Site - Terms of Service - Social/environmental