Independent
Sales
First Data
customer service
about us
contact us
faq
Apply Online for a Merchant Account
First Data First Data First Data
 

Fraud Prevention for Internet Merchants

Preventing online fraud is critical for Internet merchants. Most of the attention in the press surrounding online fraud focuses on consumers, but barely any attention has been given to the other side of the coin -- the Internet merchants who are defrauded by crooks posing as legitimate consumers.

One of the first things you need to do as a merchant to prevent fraud is to always verify who the consumer is. On card-present transactions, this can be done by asking for valid photo identification such as a driver's license or state-issued ID card. On card-not-present-transactions, this is a much more difficult task.

Address Verification

There are two basic steps that every online merchant should follow to ensure that the consumer is legitimate. The first step is called address verification service, or AVS. The consumer should be required to enter their billing address along with their credit card information. The First Data Global Gateway will then pass the address information to the cardholderÕs issuing bank for comparison with the address information on file for that card.

Once this process is completed, you will get an AVS code that tells you how well the address matched the bankÕs records. If you get an AVS code indicating that the address and/or zip code do not match, it is up to you to decide whether you wish to accept the risk and ship the goods to the customer.

We recommend that you do not ship goods in cases where the zip codes do not match. This will not only help reduce chargebacks, but will also prevent problems from occurring if the consumer works during the day. Shipping companies have become so inundated with online orders that they will drop the package at the door, often without requiring a signature. Without a signature, you do not have proof of delivery, and without proof of delivery it is very difficult to fight a chargeback.

It is important to know that AVS has some limitations, because this may affect your decision about how to treat bad verification results:

  • The AVS system isn't always reliable. Bad results can be triggered unnecessarily because people move, or because some people report five-digit zip codes while others report nine-digit zip codes. This may generate a response stating that the address matches, but the zip code does not.

  • The AVS system can't handle addresses outside the U.S., so if you decide to ship only to addresses with good AVS results, you will rule out all international orders.

Online merchants typically do not rely solely on the AVS result to accept or reject an order. Most online merchants use the address verification service in conjunction with other tools to help them prevent fraud.

Card Code Verification

To help reduce fraud in the card-not-present environment, credit card companies have introduced a card code program. Visa¨ calls this code Card Verification Value (CVV); MasterCard¨ calls it Card Validation Code (CVC); Discover¨ and American Express call it Card ID (CID). The card code is a three- or four- digit security code printed on the back of cards, typically at the end of the signature panel. This program helps validate that a genuine card is being used during a transaction.

Card code verification works similar to address verification. The First Payment Gateway passes the code entered by the consumer to the payment processor, who then compares it to data on file at the card issuing bank. The payment gateway then returns a code to let you know whether the numbers matched. This helps to verify that the person using the card has the card in their possession at the time they place the order.

We advise merchants to require this code for all credit card transactions to help combat fraud. It is important to note, however, that these numbers can be obtained by fraudsters just as credit card numbers are obtained if they are stored by the merchant. It is for that reason that card associations prohibit merchants from storing these codes in their system. Asking for the CVV2 , CVC2, and CID has become standard practice for the majority of online merchants.

These basic fraud prevention tools should be integrated into your ordering and payment processes to reduce fraud and the risk of expensive chargebacks.
Payment Processing Videos

First Data First Data First Data
First Data
First Data Global Gateway Demo
Read Our Testimonials
Helpful Guides and Articles
First Data
First Data First Data First Data
Home | About US | Contact Us | FAQ | Privacy Policy | Resources | Site Map
Services by Cardservice International.
The FIRST DATA name, trademark and logo are owned by First Data Corporation. All other trademarks, service marks and trade names referenced in this material are the property of their respective owners. The First Data Independent Sales Agent Program is operated by Cardservice International, Inc. Cardservice International, doing business as First Data Independent Sales (FDIS), is a registered ISO/MSP of Wells Fargo Bank, N.A., Walnut Creek, CA. American Express requires separate approval. FDIS Loud is an independent agent for Cardservice International.

Authorize.net and the Authorize.net logo are trademarks of Lightbridge, Inc.

© 2010 Loud Commerce, LLC - Merchant Account Services. All Rights Reserved. Equipment and set-up offers brought to you by Loud Commerce, LLC. Restrictions Apply. Call for Details.
 
First Data First Data First Data