Bridge the gap between feedback and value by prioritizing feature requests in a way that works for your customers and your product. Read More >
Online fraud is one of the biggest headaches that merchants face every day. As you work hard to improve your sales, you also have to contend with fraud coming from customers or hackers. Over the years, there has been an increase in global online fraud. Identity thieves to amateur fraudsters are scouring the internet for financial and credit card information of unsuspecting parties for personal gains. What steps can online retailers take to prevent online fraud at their stores?
Credit card processors offer merchants basic security measures to reduce credit card fraud. However, merchants should take extra steps to prevent online billing fraud. Some merchants like PayPal do not provide seller protection especially in the sale of digital goods or services. Before you decide which payment gateway to use, find out how your business will be protected in case of fraud transactions.
Let’s look at some of the ways you can optimize your online billing to reduce incidences of online fraud.
1. Address verification System (AVS)
AVS is one of the security measures put by credit card processors. When customers purchase items, they need to indicate their street address and ZIP code. These two values should match the ones that the card issuing bank has on file. If they don’t match, do more investigation on the transaction or allow your payment gateway to decline the transaction.
2. Card Security Code (CSC)
The CSC (or CVV) is the 3 or 4-digit code that is on every credit card. The code should never be stored on the merchant’s database. If a fraudster steals credit card information online, he will not have the CSC since it is only on the printed card. If an order is placed on your website and the CSC does not match, you should approve your payment gateway to decline the transaction.
3. High Risk Countries
If you are shipping items overseas, have greater restriction for such orders. Pay more attention to orders made from countries considered “high-risk’”. For example, the web hosting company JustHost automatically declines credit card orders from Middle East and Africa countries. Customers in these countries have to call the company to verify their identities before their transactions are processed.
According to a survey by Cyber Source, some of the countries with the highest online fraud rates are Israel, Malaysia, Egypt, Pakistan, Ukraine, Russia, Bulgaria, Romania, Lithuania, Nigeria and Yugoslavia.
4. Lockout Mechanisms
Lockout mechanism is a type of fraud prevention system meant to deter fraudsters who use automatic card number generator programs. These programs circulate in underground fraud forums and can generate hundreds of “valid” credit card numbers. The fraudster will typically try hundreds of numbers on your website until he finds some that are valid and will then charge the accounts to their limits.
To prevent this fraud, merchants can:
- Lock out transactions from a particular IP with a large number of credit cards declined within a set time.
- Disable transaction that fail the AVS test (since the fraudster will not have the account’s address)
When you detect such actions, you should to immediately prevent orders from the originating address.
5. Risk Scoring
Risk scoring tools are based on statistical models designed to recognized fraudulent transactions based on a number of rules. When a payment is done at your website, the tools will indicate the probability of the transaction being fraudulent. The higher the probability of a transaction being fraudulent, the closer you should verify the order.
Risk scoring tools provide a case by case evaluation and will flag transactions based on the rules you choose such as AVS failure test, IP range, use of anonymous emails, billing address and others.
Check out this infographic from PayPoint which depicts the rise in online fraud.
How are you preventing fraud at your online store?
Subscription Billing Made EasyTry for free
Recent Blog Posts
Just creating and sending impeccable transactional emails isn't going to get you anywhere. Read More >