Internet Merchants, How Can You Prevent and Reduce Fraudulent Activity on Your E-commerce Website?

Date Thursday, 15 October 2009  Posted in Category Computer Resources  Tags , , ,   Comment 2 Comments »

You may want to setup an e-commerce website to increase profit from online marketplace. Before that, you need to know a little something about the negative impact and the disadvantages of accepting credit cards payment online.

Chargebacks

A chargeback occurs when an individual credit card holder contacts the credit card issuing bank to deny and claims that he or she did not authorise a transaction made and request to dispute the charges. The credit card issuing bank will then take the money back from the acquiring bank (merchant bank). Chargebacks are typically reported on a weekly or bi-weekly basis by the acquirer to the merchant, costs to the merchant when this happens include:

  • Loss of merchandise
  • Loss of revenue
  • Per-chargeback administration fees (such as RM45)
  • Fines for chargebacks (depends on the number of disputed transaction incidents)
  • Risk of losing merchant account due to high chargeback rates, and associated loss of ability to accept credit cards payment online.
credit-card-processing-flow

The above diagram is a typical Internet credit card transactions process flow model

Approaches to managing fraud

When you are setting up or selecting a billing system on your e-commerce website, ensure the following approaches are implemented:

  • Address Verification Service (AVS)
    Request for the billing address (statement address) to be submitted for credit card issuing bank’s verification. It can help reduce fraud when the perpetrator does not have a billing address.
  • Details As Per Statement
    Request for the credit card holder’s statement name instead of name on card to be submitted for credit card issuing bank’s verification.
  • Card Verification Code/Value (CVC/CVV/CVV2)
    Request for the CVV (3-4 additional digits which is printed on the back of the credit card) to be submitted for credit card issuing bank’s verification. These digits do not appear on credit card statements, it indicates the purchaser has the physical card or its details.
  • Image Verification Service (IVS) / CAPTCHA
    Request purchaser to enter the random image for authentication. Because IVS requires a humans to type the random words that appear, it can prevent the Internet auto-submission-bot attack.
  • Rules-Based Systems / Manual Review of Orders
    Create your own rules-based system for automating the review of orders before submiting for credit card issuing bank’s verification. If the transactions amount (such as large orders or expensive items) has exceeded your rules set, the purchaser information will need to be verified (such verifications like- is this a new customers? is this shipping address same as billing address? does this order required manual review? etc).
  • SecureCode Verification by Credit Card Issuing Bank
    Many local credit card issuing bank have already implemented the SecureCode verification as the 2nd layer authentication on Internet credit card transactions. To obtain this SecureCode, the credit card holder is required to submit other P&C information for process (such as mother name, mobile number, home branch and etc).
cinema-credit-card-payment-form

One of the local cinemas' e-ticketing system, which perpetrator needs only a few of credit card details- card number, name on card, expiry date and CVC. This type of simple authentication form which can make fraud easier.

Bottom line

credit-card-frontAlthough each of above approaches can help, but remember that the Internet transaction is considered a “Card-Not-Present” transaction by the credit card issuing bank. The merchant is still wholly responsible for the fraudulent transaction, even if the merchant has proof of signature during the delivery.

In any Internet fraudulent transaction incident, the merchant is always on the losing side. So selecting a good e-commerce plan and a reliable payment gateway service provider is pretty important.

Tags: , , ,

2 Responses to “Internet Merchants, How Can You Prevent and Reduce Fraudulent Activity on Your E-commerce Website?”

  1. lcs says:

    Thank you for sharing. I think this is useful. Our challenge is to make it simple for the customers and at the same time maintaining high security.

  2. Neuronic says:

    Thanks for the extensive coverage on fraud. I think we need to adopt 3D Payment System to provider another layer of security while making payment online.

Leave a Reply