My Merchant Account Blog

My Merchant Account Blog

You can now contact us at 888-928-5280 ext 822

New Posts will be coming soon - we are in the process of updating the blog

Preventing Online Fraud

Saturday, December 23, 2006

One of the first things you need to do as a merchant is to verify the consumer.  On card-present transactions, this can easily be done by asking for a valid photo identification card, i.e.  a driver's license or state issued ID card.  On card-not-present-transactions, this is much more difficult for the merchant to accomplish. 

Basic Fraud Prevention Techniques - Steps One, Two, and Three

Address Verification

The first step in preventing fraud in a card-not present environment is called address verification.  The consumer will enter their billing address.  The gateway will send this information over to the transaction processor (usually First Data or Nova (Elavon)) for verification.  The transaction processor will send back some codes to let you know that the AVS was a match or not.  Usually this match is done on the street number and ZIP code only.  So if the street address was 1234 Main Street and the ZIP code was 90210, the transaction processor would take a look at 1234 and 90210.  The alpha characters are not verified. 

Once this is completed, you will want to seriously consider sending your product to the billing ZIP code.  This will help to prevent some of the chargebacks but will also cause some problems if the consumer works all day.  The shipping companies have become so inundated with packages from the ever-growing business, that they will drop the package at the door, not waiting for a signature.  Without a signature, you do not have proof of delivery. 

AVS is subject to a significant rate of "false positives" which may lead to rejecting valid orders as well as missing fraudulent orders.  If the cardholder has a new address or a valid alternate address (such as seasonal vacation home), this information may not be up-to-date in the records of the cardholder's issuing bank, so the address would be flagged as invalid.  Merchants typically do not rely solely on the AVS result to accept or reject an order.  Approximately 75% - 80% of online merchants rely on address verification service as a tool to help prevent fraud. 

CVV2 / CVC2 / CID


Card Verification Value 2 / Card Verification Code 2 / Card Identification Number

Visa calls the three digit number a CVV2 (Card Verification Value 2).  MasterCard calls it CVC2.  American Express and Discover call this CID.  This number is found on the back of the of Visa, MasterCard, and Discover cards.  It is a four digit number on the front of American Express.  At first the card associations came out with this number to curb fraud.  The card associations told the merchants - do not store this number.  They thought this would potentially stop most of the fraud.  However, these numbers can be obtained by fraudsters just as credit card numbers are obtained.  The CVV2 / CVC2 / CID usage by online merchants has continued to increase rising from 44% of online merchants using this tool in 2003 to 66% today.  It appears that asking for the CVV2 / CVC2 / CID has become standard practice for many online merchants in 2005. 

The purpose of card verification number in a card-not-present transaction is to attempt to verify that the person placing the order has the card in their possession in order to provide the additional security digits.  Requesting the card verification number during an online purchase can add a measure of security to the transaction.  Approximately 66% - 75% of online merchants rely on this number to help reduce fraud.

Other Measures

There are other products to consider as well: Calling the customer to verify the order, looking at the IP address, Verified by Visa (VBV) / MasterCard Secure Code (MSC).  Some of these products have to be integrated into the electronic payment gateway.  However, check out the Quantum Gateway - it offers all these features at no cost.  They care more about your business than any other provider out there and built this electronic payment gateway to help merchant combat fraud.

Adding a Surcharge to a Credit Card Transaction

Wednesday, December 06, 2006

Usually in your merchant account agreement, it will state that you cannot charge any additional fees to the consumer if they pay using a credit card instead of cash.

However, debit cards and credit cards have different rules and regulations. Interlink Debit grandfathered in organizations about ten years ago that were using their system to accept payment. Interlink allows these merchants to charge a surcharge specifically when a consumer pays and it goes through the Interlink debit system.

Credit card companies also allow the merchant to surcharge the consumer if and only if:

  • Charged for a bona fide convenience outside of the merchants customary payment channel
  • Disclosed to the cardholder as a charge for alternative payment channel
  • Added only to non face to face (if merchant is face to face merchant)
  • A flat or fixed amount
  • Applicable to all forms of payment
  • Disclosed prior to completing transactions
  • Included in total amount of transaction
  • The merchant does not make any money on the transaction

Meeting the above requirements, remember will be in the credit card associations (Visa, MasterCard, etc) and your merchant account provider. Before doing any type of surcharging, contact your merchant account provider and / or the associations for specifics.

I do not recommend this be done because if it does not follow the guidelines as set forth between your merchant account provider, the card associations, and yourself, you might find yourself without a merchant account and on the MATCH list.

DeliciousDigg This PostNewsvineRedditTechnorati

Subscription Based Websites

Saturday, December 02, 2006

A lot of websites are based on subscriptions. Charging a consumer for anything is very risky and charging them monthly just makes it riskier. You run the risk of chargebacks and fraud. A lot of times, these go hand in hand. Someone might want to see what you have to offer and will use a credit card number that does not belong to them. By the time that you find out, they could potentially have used your services for a couple of months. You are now out your subscription fee(s) as well as chargeback fee(s). A few of these can potentially ruin a merchant.

You have a number of options available to you and choices to consider. The first, of course, is do you really want to get involved with something like this? Once you realize you do, you will want to protect your merchant account. You might even consider using a third party processor to process your transactions. Using a third party processor will help with a lot of the "scrubbing". Scrubbing basically means that the transaction will go through a few fraud prevention tools to help verify the transaction.

Once this is completed and the transaction is deemed OK by the processor, the consumer will be allowed access to your site. A lot of times, chargebacks will happen in days of the transaction. The consumer might not have thought it was worth their money. And instead of calling you, they contact their issuing bank. A good rule of thumb for this is to always send out an email maybe a couple of hours later even asking them about the service, etc. This way you open the communication with them.

Depending on the issuing bank, the consumer can have months to potentially request their money back. Usually with a debit card (with a Visa or MasterCard logo on it), the time frame is less than a credit card (with a Visa or MasterCard logo on it). With American Express, the time frame increases to almost forever. I have seen merchants complaining of chargebacks from over 18 months. This is why you should always keep records.

There are pros and cons to a subscription website. Whenever you are dealing with consumers, the word chargeback always lurks around. Increasing your business unfortunately increases your risks. You will want to do everything possible to scrub the transaction to prevent a chargeback.

Other Issues

Sometimes when you have a subscription based website, you might also need to charge more one month (or less).  Or maybe the transaction failed.  Usually when the transaction fails, you get an email from the electronic payment gateway.  However, with the Quantum Payment Gateway available through Mile High Merchant Accounts, the Quantum Gateway can communicate with your database through its API to automatically update your database.  And the Quantum Payment Gateway's will also store the credit card numbers securely on their server for all your processing needs.

Search My Merchant Account Blog


My Merchant Account Blog Categories
My Merchant Account Blog Archives
My Merchant Account Blog Recent Entries


RSS Feed for My Merchant Account Blog

About My Merchant Account Blog



My Merchant Account Blog SiteMap

Submit my blog Startups

Sign Up for an Internet Merchant Account

Get a Merchant Account today - No Contracts, No Termination Fees

Twitter - My Merchant BlogFacebook - My Merchant Account BlogLinked In - Merchant Accounts

Merchant Account
Resources Directory

Check out the new
Merchant Account Resources Directory
Feel Free to submit you link!

My Merchant Account Blog SiteMap
Publishers

If you would like to publish a unique article on My Merchant Account Blog, please contact us.

Documents

© 2005 - - Merchant Account Forums - Contact Us for Permission to Display Our Complete Posts on Your Website

Feeds Available · ">Merchant Accounts Reviewed · Sitemap · Merchant Account Information