Fighting Credit and Debit Card Fraud for e-Commerce Merchants

What is credit card fraud? CNP (card not present) credit card fraud is a type
of fraud made online where an e-Commerce merchant's credit card processor is
fooled into thinking that a credit card is valid, or where a chargeback is caused
by a cardholder who declares an unauthorized purchase using his credit card.
In both cases Ecommerce merchants will be held responsible for the chargeback
and will have to pay their processing bank a fine (called a chargeback fee),
to reimburse the cardholder, and even pay a huge fine to the card issuer. Every
e-Commerce merchant knows that credit card processing is not just a tool to
process clients' payments but a way to make an e-Business grow and make profit.
The worst thing for an e-Commerce merchant is getting into the ban list (or
blacklist) of Visa or MasterCard for having too much chargeback cases. This
will deprive the privilege of getting an Ecommerce merchant account, most merchant
account provider companies keep a copy of Visa's and MasterCard's blacklists
at hand when signing up an e-Commerce merchant.

The disadvantages that credit card fraud puts a client to are a possible and maximum fine of $50.00 and perhaps a few phone calls. A cardholder who lost his credit card will not be responsible for any unauthorized transactions made if he reports his card lost or stolen in 24 hours. His card will be replaced, while the e-Commerce merchants who processed the credit card would be literally bombed by chargeback fees and issuer fines!

The disadvantages that credit card fraud puts an e-Commerce merchants are devastating and can be clearly seen. BUT, e-Commerce merchants can significantly and almost annul the amount of fraudulent credit card transactions by following a few tips and guidelines. Most e-Commerce merchant account service providers will provide you with information on preventing credit card fraud. First of all, having a secure credit card processor with MasterCard SecureCode�, Visa 3-D Secure� and other credit extra security systems will drastically decrease the amount of unauthorized credit card transactions. For example, Visa claims an up to 80% decrease in online CNP credit card fraud cases!

Visa, MasterCard and American Express have Card Verification Methods (CVM's) which help e-Commerce merchants cut frauds by about 30%. The CVM system uses a 4-digit code which is printed on the back of credit cards, where the cardholder's signature is. This 4-digit code verification system decreases the chance of CNP fraud as the credit card may be used by a person who actually physically holds the credit card and can read the code. Just asking for this code can help avoid credit card fraud as many carders haven't this 4-digit code.

Contacting a suspicious order customer to verify the order may prevent a chargeback. If the customer is unreachable calling the card issuer bank will make them do their best to contact their cardholder to verify the order. Orders falling under suspicion may be: different bill-to and ship-to addresses, funny, strange or suspicious information like names, e-mails, telephones, and so on (for example: short-form names like Pete instead of Peter, Mat instead of Matthew, and nicknames; strange e-mails like: [email protected] when the cardholder is really a Mr. Craig Brown, aged 63 from New York). Carders aren't that super-extra-careful, especially if they are young. Also a 63 year-old man buying a skateboard might seem a little too suspicious! Carders usually place orders late at night, feeling safe; don't be fooled by a 55 year-old Mrs. Smith ordering the latest 3D accelerator video card at 3:27 a.m. in the morning! Spending an extra two minutes just to look and ponder over the information might drastically reduce the risk of CNP frauds.

When rendering services or providing products to U.S. citizens it is indispensable to work with AVS, which stands for Address Verification System. This system allows to automatically verify and check the provided information with the card issuer database. If there are problems with the AVS system any e-Commerce merchant may call
the Visa/MasterCard AVS operator on 1-800-228-1122 or the American Express AVS operator on 1-800-528-5200.

Keeping a blacklist or joining an e-Commerce merchant blacklist community might be a good idea. Such blacklists contain personal and transaction details which were used for CNP frauds. It is advised to keep a database of all orders containing all the information. This can be used to make out patterns in ship-to addresses and other information provided. These patterns may show an e-Commerce merchant one ship-to address with different cardholders, which in 99.9% of CNP transaction will be fraudulent.

A verification on Bank Identification Number (BIN) also cuts back on credit card fraud cases. BIN numbers can be checked to make sure that the cardholder and the issuer are at the same location. Many overseas carders use stolen credit cards from another country or part of a country. Some free resources on the net provide BIN information, like issuer address and so on.

Another way to reduce or eliminate CNP credit card fraud is to have an IP (internet protocol) address tracker or logger implemented in the processing system. This might give a chance of finding out the location of the carder. Ripping out information from the IP address is easily done using free internet resources and software. IP addresses may hide the possible location, so if the information provided states that the cardholder is from Washington but an IP check reveals an ISP's address in Egypt it is most probably a fraud. Carders may use proxy servers which hide their real IP, though, but there are IP tracing services which might trace the real IP.

If many of the customers are overseas customers it is advised to request a scanned image of their credit card by mail or by fax. While it is usually not advised to process foreign credit cards it is also a lost opportunity to increase sales and profits.

Having bogus signs and labels on an e-Commerce website may scare about 50% of the fraudsters. These may include "Pre-processed and Verified for Fraud", "Guarded by Anti-Fraud Systems", and excerpts from the constitution and law statements like "Fraud will be reported and prosecuted..." and so on. Even having an extra "Mothers maiden name" or "Pet's name" field in the secure order form might give a carder second thoughts.

As for e-Commerce customers it is generally a good idea and good customer support
to have a list of anti-fraud credit card rules. This will show a customer that
his security is taken into account and will provide a stable relationship between
him and the merchant. Here are a few general rules for credit card holders:

a) Sign your card as soon as it arrives,
b) Carry your card separately from your wallet in a safe place where it is not noticed to prevent theft,
c) When dealing with CP (card present) transactions do not take your eyes off your card and get it back as soon as possible as they may be swiped through special credit card copying devices and then reproduced,
d) Do not give your credit card details or let them easily be acquired from carbon copies,
e) Promptly notify if card is lost or stolen,
f) Notify your card issuer of any change in address,
g) Register with MasterCard SecureCode™ or Visa 3-D Secure™ systems to be provided with extra security and prevent unauthorized credit card use,
h) Never give out your personal information unless you know who you're giving the information to,
i) Do not lend your credit card to anyone.

E-Commerce merchants can significantly lower the risk of credit card fraud
and fraudulent transactions. By following processing safety guidelines and tips
and keeping an eye out for suspicious orders will guarantee a safe and sound
online business. There are many other tips and hints which may help reduce frauds
but the main ones have been written about above; they might be enough to annul
99% of credit card frauds and to come out clean from the other 1%.