John Rosatti, How To Prevent Fraudulent Credit Card Transactions

Super Star candyshop999 at gmail.com
Fri Jan 4 06:29:48 CST 2008 

John Rosatti, How To Prevent Fraudulent Credit Card Transactions



What Are Possible Signs of Fraudulent Transactions see at Web Hosting
Companies?

   - Customer wants to pre-pay for a year
   - Domain Name Registration for 5 years or more
   - Orders using free email address providers like Hotmail, Yahoo, etc.
   - Usage of multiple cards to complete order.
   - International address. AVS can not validate those international
   addresses.
   - Multiple purchases in a short time period.
   - The customer and billing addresses are different.

AMEX, VISA, and MasterCard implemented a security feature known as "CVV2"
and "CVC2". These are the three-digit or four-digit numbers printed on the
back side or front side (depending on card company) of the card (signature
panel) to the far right. The three/four-digit code helps to validate that
the cardholder has the card in his possession. You can include the code in
your transaction processing and need to receive a match to successfully
complete the transaction. If you are using a shopping cart for your hosting
sign-up process, make sure that it is capable of collecting and processing
these numbers. IMPORTANT: The ToS of the credit companies state that you are
not allowed to store these numbers.

Use Address Verification Service (AVS) on all US transactions to verify the
billing information provided in the order with what is on file with the card
issuing bank. As a bare minimum, the zip code should successfully match
before the transaction is approved and you hand out the account information.
You should retain the response information for some time in case of a
chargeback.

The possible AVS messages are:

Y – Exact match on street address and 5 or 9 digit zip code.

A – Address matches, zip code does not

Z – zip code matches, address does not

N – No match.

U – Address information is unavailable or Issuer does not support AVS. These
transactions are only applicable for Visa and the merchant isn't responsible
for chargeback liability.

R – Issuer authorization system is unavailable, retry later

E – Error in address data – unable to complete check.

G – non-US Issuer not participating in AVS - Visa only. The error messages
will vary from one provider to the next. Contact your provider for more
information.

S – Address information is unavailable or Issuer does not support AVS -
MasterCard only.

The most important warning sign of fraudulent transaction are international
orders. It is very sad to be so generic with this statement but the
percentage of having a fraudulent orders goes up immediately if the order
comes from a non-US location. Be aware of cities or countries with high
rates of fraudulent transactions. Malaysia, Indonesia, and most countries of
the former Soviet Union tend to be source of many fraudulent orders.

The most effective way to help eliminate fraud or chargeback's is to simply
call the customer. A confirmation over the phone is most definitely advised
for any large transactions. If you process a fraudulent transaction, not
only do you lose the funds, but the product/service as well. A phone - even
if it is international will save you a lot of hassle in the long run.

What if you find a transaction to be suspicious? Contact your authorization
center and let them know you are concerned about the transaction. They will
look at the transaction and may give you advice. You should also call the
customer to request additional information (copy of drivers license or
Passport as an example). Check the IP address of the sign-up and see where
it is globally. Does it matches the customers address at least by country?
Send a confirmation email to the customer verifying their order.

It may be a good policy to only accept orders with identical Customer and
billing addresses.

Maybe you want to scrutinize international orders as your protection against
these consumers is very minimal and not accepting them could be a wise
choice for your web hosting business.

Placing fraudulent notices, buttons and images on your web site and order
forms will help discourage any person trying to place a fraudulent order.
Make sure that the customer will se upfront that you are recoding the IP
address and that you will notify the law enforcement agencies if needed. It
might not protect you in every case but eventually it will help to cut down
the number of fraudulent orders.

This article can be published by anyone as long as a live back link to
http://www.webhostingresourcekit.com is provided.

About The Author

Christoph Puetz is a successful small business owner (Net Services USA LLC)
and international author.

Guides, Tutorials, and Articles for small businesses -
http://www.webhostingresourcekit.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.us.dell.com/pipermail/linux-poweredge/attachments/20080104/9e751350/attachment.htm

More information about the Linux-PowerEdge mailing list