How To Avoid Card Not Present Fraud
It is much harder to prevent credit card fraud when the cardholder and the card are not present during the transaction. Face-to-face the merchant can check the card to be sure that its valid and can verify that the cardholder is the authorized user on the account by matching their signature on the transaction receipt to the one on the back of the card and request an ID when in doubt. This can’t be done when the transaction is accepted online or over the phone.
However, a combination of best practices and fraud prevention technique can provide card-not-present merchants with strong fraud prevention abilities. If your business accepts payments online or by phone, you need to implement the following safeguards:
Always verify the phone number and transaction information before shipping your products. Call the phone number provided by the customer and verify the transaction information. Criminals may be unable to verify such information, because in their rush to max out the credit line before the fraud is discovered, they often order at random and do not keep records.
Always examine priority shipment requests. Expensive priority shipments can be a strong indicator of a fraudulent transaction, especially if a free shipping option is available. Unlike the rest of us, criminals do not much care about shipping costs because they won’t be paying the bill!
Always validate orders from repeat customers that deviates from the established pattern. If an order from a past customer changes from the regular pattern, contact the customer and validate the transaction.
In addition to following the aforementioned procedures, you should also take advantage of the available fraud prevention tools. Following is a short list of them:
Address Verification Service (AVS)
AVS enables you to compare the billing address (the address where the card issuer sends its monthly statement to) provided by your customer with the billing address on the card issuer’s file before processing a transaction. These addresses should always match.
Card Security Codes Systems
Card Security Codes are the 3-digit numbers placed on the back of Visa (CVV2), MasterCard (CVC 2) and Discover (CID) cards, in or around the signature panel, and the 4-digit numbers located on the front of American Express (CID) cards, above the account number. Card Security Codes help verify that the customer has physical possession of a valid card during a card-not-present transaction. This is a particularly strong fraud prevention tool.
Verified by Visa and MasterCard SecureCode System
This fraud prevention service is offered by the two Credit Card Associations to e-commerce merchants and to online shoppers. MasterCard SecureCode and Verified by Visa allow cardholders to authenticate themselves to their card issuers by using a personal password they create when they register their cards with the programs. These services protect merchants against fraudulent “unauthorized use” chargebacks and save them money.
All merchants accepting card payments are required to be compliant with the requirements of the Payment Card Security Data Security Standard (PCI DSS), which sets the rules for data security management, policies, procedures, network architecture, software design and other protective measures. Be sure that you are PCI Compliant so you have maximum protection.
Additionally, you may want to build and maintain an internal negative file that includes data from fraudulent transactions that you have not been able to prevent. You need to be sure to omit information that relates to customer disputes or chargebacks, as these can be caused by reasons that are completely unrelated to fraud. Whenever a new order contains information that matches data in the file, your system should be designed to automatically identify the mismatch and trigger an check, therefore saving you money.