Following are the preventative process, procedures and warnings that merchants should be aware to minimize credit card fraud. These process minimize fraud while maximizing transaction throughput. Address Verification System The Address Verification System (AVS) is a system used to verify the address of a person claiming to own a credit card. The system will check the billing address of the credit card provided by the user, with the address in the database at the credit card company. AVS verifies only the numeric portion of the address. Anonymous and Open Proxy IP Addresses Organized credit card fraudsters often use anonymous proxies, which hide their true location. The IP address sent by their computer can be a open proxy IP address instead of real IP address. Authorization Authorization approval indicates that at the time the approval was issued, the card hasn't been reported stolen or lost and the card limit has not been exceeded. Bin Check Bank Identification Number is the first 6 digits of a bank card number. Credit card bin help to identify the credit card holder, issuing bank and the location. Customers sometimes use credit cards issued from another country. The bin database site will provide bank name, card type, and a 3 character code for the country when the Bank Identification Number is entered. Calling the Card Issuing Bank The merchant can request card issuing bank to make a courtesy call to your customer to verify the charge. In such case the merchant needs to provide his merchant id , phone umber, customer name, address and phone number to the issuing bank. Calling the Customer This is an excellent way to detect fraud. The telephone call also gives the merchant an opportunity to welcome the customer, answer their questions and build solid relationship. Sometimes the fraudster will submit the actual phone number of the person whose card was stolen. If the card holder did not authorize the charge, then should call their credit card issuer to report the card theft. Card Verification Method The CVM response provides information that might help you decide whether or not to ship goods to the customer. CVM uses a 3 digit security code that is appended to the credit card account number but not printed on the magnetic stripe. Online Merchants prompt customers to provide the CVM value along with credit card number and expiration date. The CVM value has become part of the authorization request to the payment processor. Credit Reference Agencies Merchants can use credit reference agencies like Equifax, Experian, and Trans Union for high value transactions.The customer would be asked to verify some specific information such as the mother's maiden name or their social security number. This process can be expensive and moreover time consuming. Fax Orders When an order is received by fax the merchant should request fax copies of both the sides of the credit card.This proves that the customer has possession of the credit card at the time of the order.The merchant should also request a copy of state-issued id or drivers licence from the customer which provides additional proof, preventing a chargeback. Fraud Scoring Systems Fraud scoring system is used by payment processors to identify the high risk transactions in card-not- present environment that require additional verification. An efficient scoring model use software techniques to capture patterns of fraudulent activity, and to differentiate these patterns from legitimate purchasing activity. Scoring models typically assign a numeric value that provides the probability that a transaction may be fraudulent Fraud Screening Organizations The Merchants should attend seminars offered by credit card companies and card processors to educate themselves. Some merchants are joining fraud-screening organizations and beginning to use extra security software that determines the risk assessment. The merchant can decide to accept the card number or not, based on that fraud rate value. Some organizations such as antifraud.com offer tips, databases of stolen credit cards, and web look up tools. Free Email Accounts May businesses refuse to accept orders from any free email accounts or any non isp email domains.The fraudsters use free email addresses to remain anonymous. Most businesses purchasing a business product would not use a free email address. Pl note that many legitimate customers also use free email addresses. Internal Merchant Rules This method is ideal to catch online transaction frauds. The Merchant sets up rules to stop or flag specific orders from specific IP or country or if the transaction amount is bulk or huge, or if product is often shipped to a specific address.This method reduce repeated or pattern specific frauds. International Orders The merchant must weigh the financial benefits of accepting international orders against the possibility of fraud. Merchants cannot always refuse foreign orders since he could be missing potential good sales. However the merchant needs to perform various checks before orders are shipped. Request the credit card processor to provide a list of high risk countries.The high risk countries include Indonesia,Nigeria,Pakistan,Egypt and most African nations. Placing an international phone call to the issuing bank is recommended in case of large orders. Merchant Rules Merchants should follow the procedures recommended by the payment processor and the credit card companies. If a merchant suspects a fraudulent order,should contact the registration service to cut reduce the total number of chargebacks Negative History File The merchant should keep a database of problematic customers, prior fraud attempts, chargeback records.The record should include customer name, billing address, phone, email and IP address. Incoming orders can be searched for matches in the database. This method reduce the incidence of repeat offenders. Other Preventive Measures Always check the data to determine if the buyer is a real person. Check if the zip code really exist and the email is formatted properly. Pattern Detection Pattern detection checks if multiple orders are placed to a specific shipping address with different credit cards. It checks for unusual purchase of a single item since fraudsters may have access to several stolen card numbers. It identify users who repeatedly submit same credit card number with different expiry dates. Since fraudsters will have only credit card numbers, they will just keep submitting that number with different expiration date until they match. Payer Authentication Program Payer Authentication program is an optional process to increase the payment security and reduce the risk of fraud. The process verify the cardholder's identity directly with the card issuer in real-time. The card issuer remain liable to some losses for the online fraud which was generally borne by merchants. Processing Orders The merchant should have a policy of not shipping any order until the charge can be verified by their additional checks. The merchant can send an immediate email confirmation of the order, and explain additional checks are being performed to reduce fraudulent orders. The additional checks may take 30 minutes, or can take days if telephone and email exchanges are necessary. The processing delay may cause the fraudster to hide themselves. Many fraudsters want instant gratification, and wish to remain anonymous, so they will not reply to your emails requesting additional information. Realtime Authorization Authorization is a request send by the merchant to the card issuing bank to determine if sufficient money is available for the payment or if the credit card has been reported as stolen or lost.This process takes less than 5 seconds for the approval to take place. Shared Negative History File Merchants can exchange their negative historical database. Since this database has fraud data from several merchants, using this file should reduce pattern specific frauds. However a bad customer for one merchant may be good for another.
Pages to are hidden for
"credit-card-fraud-prevention"Please download to view full document