Fraudulent credit card transactions are the bane of online merchants, who already pay higher fees to processing banks because their sales are categorized “card not present”.
The situation is even more difficult for companies who do not actually ship products to physical addresses, but deliver services via the Internet.
Worst of all, too many chargebacks places merchants in serious danger: acquiring banks and international payment systems may refuse to process their sales.
There are a number of ways to reduce the number of chargebacks and the additional expense and risk they involve.
Do not be fooled by the automatic fraud detection tools offered by your processors, or lulled into thinking they are effective.
Those “tools” are very basic and do not provide very accurate or timely results. How many times have you received an “approval” code only to have it charged back with an extra $25 fee for your trouble?
If your company is unable to implement the steps outlined in this article, using them is better than nothing; however, you will probably still have an unacceptable level of chargebacks for fraud.
Because of the ambiguity of the payment verification procedure, fraud detection and prevention is more of an art than a science; however, there are specific rules you should follow to foil fraudulent credit card attempts.
The most important step is recognizing that human payment inspectors are the best defense, and assigning this responsibility to help desk or customer support personnel has yielded very good results for a number of Internet-based companies.
The payment inspector’s job description should contain instructions on how to process (i.e., accept order, verify payment, and ship) orders which are paid using bank debit or credit cards.
The first criterion is whether a customer previously purchased something successfully. If no orders have been processed from a customer’s email address in the past, it is necessary to apply other tests.
We use the following checklist for additional payment verification:
Order price. If a customer orders the most expensive product, especially without testing the item or corresponding with customer service team, chances are high that the person is attempting to use a stolen card and additional review should be made.
Payer’s IP address. Use special online services to determine the country name corresponding to the payer’s IP address. It is always suspicious when the payer’s country does not match that of the cardholder.
Payment time. After identifying the country name, note the payer’s time zone. Any order placed between 3:00am -6:00am is suspicious, as it is extremely rare for a genuine customer to be purchasing during those hours. As a rule, true purchases and payments are made during the day, or at least before midnight.
Email address. If the customer’s email address is hosted by a free online service like Gmail, AOL, or Yahoo! and contains meaningless abracadabra before the @ character, that is a good indication of fraud. On the other hand, if a valid email address is based on an existing company website’s URL, and has the form sales@… or payment@…, etc., it probably belongs to an employee of an existing company; the probability of fraud is negligible in this case.
Number of declined transactions. You should review transaction history in your order software. If a person has made several unsuccessful attempts to pay for an order, this is a red flag indicating possible fraud. Even if a card is finally accepted after several declined transactions, it is necessary to perform additional verification.
Requests to the support team. If a customer “suddenly” decides to buy something without asking a single question (especially when other customers send an inquiry at least to ensure that you have an actively functioning support service at all!), this is suspicious, especially if combined with any of the other factors listed above.
Related information about the customer’s company. If a customer has specified his/her company name during checkout, perform an additional search on the Internet to find out whether the customer’s name and his company name are mentioned and are really associated with each other. If no evidence of such relationship is found, the transaction is flagged as suspicious.
If a payment inspector suspects a certain transaction to be fraudulent, he or she sends the so-called “verification request” to customer.
This is an email message with standard content, requesting the customer to provide an scanned copy of an identification document as well as a scanned image of the bank card which was used for payment.
If the provided documents identify the customer as the real cardholder, then the payment is accepted and the ordered items are delivered to customer.
Always review scanned documents carefully for signs of alteration. We have seen cases where criminals a/k/a “fraudsters” actually send requested “proof”, but the scanned or faxed documents are false.
Cautionary note: Imagine that a genuine online shopper (not a fraudster) orders something over the Internet. He/she completes an order form, correctly types in payment credentials and contact details, and simply waits for the ordered products to be delivered within the time specified by the seller.
It may be an irritating obstacle for this person to receive a payment verification request, preventing the person from completing the sale. Besides, sending copies of personal documents over the Internet may make this person uncomfortable, even with key data blocked.
For this reason we rarely send payment verification requests if the expected risk of fraud is minimal. We recommend adopting an internal rule which says “if there are no clear indications of fraud, payment will accepted and product shipped” will work well, if the inspectors are doing their job well.
Even though this principle may occasionally result in a chargeback, it ensures that we treat our good customers well.
Experience often gives immediate insight into what may be a potential fraud and which orders are genuine, and inspectors who have processed many orders are very good at telling the difference.
In conclusion, it is very important for online merchants to perform scrupulous verification of incoming bank card transactions, and this effort to stop fraud is well worth the rewards to their businesses.
This article was written by Mr. Vladimir N.Tuporshin, founder of WebAsyst and several other software development companies during a successful career spanning more than 20 years. Sign up for free online versions of his practical and useful applications which can help you manage your business effectively..
Source: http://www.submityourarticle.com
Permalink: http://www.submityourarticle.com/a.php?a=165952