Credit card fraud is a serious problem for online retailers. Unlike brick and mortar stores, e-merchants are liable for the charge since it is considered a “Card Not Present” sale. And after you’ve been a victim of fraud once, credit card processors often raise their rates due to the increased risk.
The good news is that there are many ways to combat credit card fraud on your website. Making use of multiple tools and techniques is the best way to keep your company safe.
Listen to your payment processor. It seems simple, but many people don’t pay close enough attention to the procedures recommended by their merchant. Every year, check to make sure that you are following all of their rules.
Require address verification. This is available for the U.S. and a few European countries. It matches the cardholder’s address and zip code to the information on record with the card-issuing bank. Of course, this isn’t foolproof since a thief can often easily look up an address, but it does provide an extra layer of protection.
Use card verification methods. This 3 or 4 digit security code is imprinted on the card, but it isn’t embedded in the magnetic strip and doesn’t appear on credit card receipts. That means the person who gives you the number is much more likely to actually be in possession of the credit card they are using. Since most fraud is actually the result of stolen card numbers and not the physical credit card, this can really help reduce your risk of fraud. In fact, VISA says that the use of address verification with card verification methods can reduce chargebacks by up to 26%.
Get real-time authorization. This method costs a little extra but it ensures that the credit card number is valid and that it was not reported lost or stolen.
Don’t accept P.O. Box addresses. Remailing services can be used to send your packages to overseas destinations, which many thieves use to cover their tracks.
Run manual checks. This can be time-consuming if you process a high quantity of orders, but if you only have a few transactions every day for high dollar amounts, it may be worth your while. Also, most fraudulent orders are placed between midnight and 2 a.m. in the U.S., so if you’re going to pick a batch to eyeball, that’s the time frame that’s best to select.
Here are a few things you can check:
BIN Number: Make sure that the bank issuing the credit card is located in the same country as the credit card holder. This tool provides the bank’s name, card type, and a three character code for the country.
Addresses and Phone Numbers: With services like Yahoo or Google Maps and Anywho, you can verify that all contact information is legit before processing the charge.
Still not sure? You can call the card-issuing bank and have them call the customer to confirm that they made the purchase.
Found a fraudulent charge? Be sure to report it to the credit card issuer and the registration service, and keep the information on record in your files. That way, if the person tries again, your system can automatically red flag it. You can also keep a file for “safe” customers. But be sure all this information is encrypted in your system.