Why Should you be Concerned with
Online Credit Card Fraud?
Your Business Depends on it
Your business should be concerned, or at least aware of the risks, if you are involved in e-commerce, mail, and/or phone order transactions. These transactions are exposed to a relatively high level of risk due to the fact that neither your customers nor their credit cards are physically present at the point of sale.
Criminals are often very intelligent. Educate yourself and utilize the items below to prevent them from stealing your products. Remember, complacency is a criminal's greatest ally.
The items listed below will provide insight into how you can reduce the potential for fraud, disputes, chargebacks, and the costly effects each of these have on your business. Rush Order monitors, manages, and prevents these costly problems on behalf of our clients on a daily basis. In fact, we are proven experts in the field. If you have questions or need assistance with any of these items, give us a call today at 800-522-5939. We are here to help.
Minimize your risk of incurring costly fraud, disputes, and chargebacks by using these helpful tips:
- Pay attention to the card type, number, and expiration date. Visa card numbers begin with a "4" and contain 13 or 16 digits. MasterCard card numbers begin with a "5" and contain 16 digits. American Express card numbers begin with a "3" and contain 15 digits. Discover card numbers begin with a "6" and contain 16 digits.
- To safegaurd data, always use a secure connection and/or encryption where applicable. Never send credit card information via email.
- Charge your sales as close to the ship date as possible. Never charge a credit card on an order that you know will not ship immediately. Customer complaints are directly correlated with the amount of time before or after the ship date you take to charge the card. When backorders begin building up for a lengthy period of time, you may want to send your customers an update on the status of their order.
- Use address verification systems (AVS) for domestic orders.
- These criminals typically know that a credit card is often audited with an Address Verification System. To circumvent this, these criminals are often capable of acquiring their victims bill-to addresses. Therefore, large distances between a customer's bill-to and ship-to addresses (usually belonging to the criminal) should raise a flag for concern. Require a bill-to and ship-to address. You may want to create an automated program based on zip codes that determines if the distance seems reasonable.
- Require a phone number. This can be used to notify customers of back order situations, call customers when their credit card is declined, and match area code and zip code proximity. A bill to phone number and address in different areas may be a flag for fraud.
- Require an email address upon order entry. This can be used to send order and shipment confirmations, notify customers of back order situations, and notify customers when their credit card is declined. Invalid email addresses are also a way to flag potential fraud.
- To reduce chargebacks, make sure the customer will recognize the name of your company or product on their bill. If your company operates under multiple names, make sure your customer will recognize the charge. Gear your website, customer service, and marketing materials such that they do not confuse customers as to whom they are purchasing from.
- For international orders, verify the IP address.
- Sticker your shipments with "do not re-route without shipper's authorization" text. Criminals frequently re-route shipments in transit to their desired locations in and outside of the United States. When the carrier receives a request to re-route, they should then contact the shipper for permission.
- Maintain vigilance and learn to spot and control the warning signs listed below. Create automated and manual processes for reviewing your orders.
Credit Card Fraud Warning Signs:
- The customer's information contains misspellings.
- The order is shipping to a PO Box. This may indicate a lack of permanent physical presence.
- Large dollar amounts shipping via an untraceable method such as first class mail.
- Large dollar amounts shipping via expedited shipping methods such as overnight delivery.
- Large dollar orders are something to be carefully inspected regardless of any other information in the order.
- Multiple orders by the same customer in a short time span.
- Orders containing free internet email addresses that seem to have no relevance to the person's actual name.
- Most automated fraud tools cannot validate foreign addresses. Review international orders and verify information via email (or phone) when the legitimacy of an order is in question.
3 comments:
You said "Require a bill-to and ship-to address. You may want to create an automated program based on zip codes that determines if the distance seems reasonable."
Sorry, but I totally disagree with you, and so would Mastercard and Visa. If you receive a chargeback you MUST be able to prove that you shipped only to the bank verified billing address or you don't have even a a remote chance of winning the dispute.
Thank you for your comment. Obviously, any reasonable e-commerce, telephone, or mail order system must allow for customers to have their order shipped to a location other than their billing address. Visa, MasterCard, AMEX, Discover, Diner's Club, etc. all understand this as well.
When ordering products online, I frequently use my billing address at my residence in San Jose, CA and have my online purchase shipped to my office at Rush Order in Gilroy, CA. If Visa, MC, AMEX, etc. did not allow for this, a dishonest person in my shoes could issue a chargeback and essentially order free merchandise every time because the order was not shipped to the verified billing address. Of course, the system is much more flexible than that.
As such, we check the distance between the billing and shipping addresses as one of many scoring methods (each order is scored according to probability of fraud).
Take this example for a test run:
John Thief steals Jane Innocent's credit card number and billing address. Who knows how he did this, but let's just assume for a minute that John is a professional thief based in Nigeria. Working with a variety of highly visible consumer electronics and computer software products, Rush Order sees this scenario quite frequently.
Jane's billing address is located in California and John has acquired a re-shipper in Florida (also common). A re-shipper is someone who, in most instances, is unknowingly trafficking stolen merchandise purchased with a stolen identity. (Maybe a good topic for another blog post).
Although you and I could think of plenty of legitimate reasons why someone with a California billing address would want something shipped to Florida, this is a common flag for fraud. Our database of negative zipcodes is also cross-referenced to see if this order is being shipped to a particularly “hot” area.
John’s order would be sorted into a queue and we would follow up with a phone call or written notice based on the contact info listed on the order. This helps us determine whether or not John’s order is legitimate.
Requesting that the "customer" verify the card number or issuing bank is a good way to check their legitimacy.
If we encounter a disconnected number or never receive a return phone call, we cancel the order. Some of these fraudulent orders are very obvious and the initial contact is not necessary. For others, it is not always so obvious, especially in this case where John has stolen all of Jane’s correct billing info.
In any case, these outbound calls / contacts are a great way to avoid chargebacks in the first place. That is why we created the automated process of checking the distances between bill to and ship to zip codes.
Other tools mentioned in this blog post also help eliminate the need for an outbound call or written notice.
The result for some of our high profile clients in the consumer electronics space is astounding. Through automated tools, we have reduced fraud attempts from 15% to 8% of total order volume and have kept total chargeback inquires to less than 0.15%.
By the way, even 8% is an astronomically high figure for most industries. For expensive flash memory and hard drive based products, this figure is typical. With good tools, the number of fraudulent orders actually shipped is reduced to about 0.25% and resulting chargebacks can be dropped to 0.15%.
The less success these crooks have, the less likely they are to try to continue their attempts to steal your merchandise. They will simply move on to the next merchant who has not read about, understood, and implemented these tools.
Thanks to the owner of this blog. Ive enjoyed reading this topic.
Post a Comment