|Credit Card Fraud|
We run a fishing tackle site in the UK, and have persistent attempts at fraud from people in Yugoslavia, Macedonia, Croatia etc. Most of the time their orders are so ridiculous that we simply bin them, but we've recently had a couple of charge-backs where we'd filled orders that purported to come from the US, for delivery to Macedonia, that were supposed to be gifts from U.S. to Yugoslavia.
Since both of the orders involved an email address of a Beograd ISP, I mailed the ISP, politely asking if their entire client base were crooks or is internet fraud their national pastime? (always the diplomat me).
I got a very nice reply, asking a couple more questions, and saying that they would report the matter to the local police, but as internet fraud is not a crime in their country, not to expect too much in the way of results.
In response to my question re crooks, their exact response was as follows :
'Concerning "national pastime", well, they are good hackers, with nothing to do (unemployment is 60%), and they feel stealing from NATO countries is a patriotic duty after last year's bombing.'
So there you have it....it's a 'Patriotic Duty' to defraud businesses in NATO countries !!.
We've now taken a management decision to sell nothing to anyone with a delivery or invoice address in any of the Balkan countries, plus we don't sell to anyone whos name ends in 'IC'...that should cure 95% of our attempted credit card fraud.
What is the opinion on this type of discrimiation / racism from all you that have been in business for a while?
I'm not trying to be harsh, but this seems a bit off keel, especially the 'names ending in "ic"' part.
It would seem to be that there should be an excellent source of credit card verification out there... Anyone know of one?
>especially the 'names ending in "ic"' part.
I wasn't too keen on that either, but chose to write it off as "missing a smilie."
As for geography-based discrimination regarding fraudulent charges, it is my understanding that it's been in place for years in the long distance telephone industry.
Re credit card fraud, I thought it was common practice NOT to ship to any address other than the billing address on the card.
Apologies to all. It certainly wasn't my intention to be racist or offensive to anyone. I was simply trying to point out the problems that we have whilst trying to beat credit card fraud.
I guess that I was just particularly upset that we'd been conned....and that I had imagined a scenario where refugees from the troubles in the Balkan countries had been sent to the U.S., and had now returned to their home country, and that a U.S. gent was sending a present to a returned friend. Oh forget it...it sounds too corny to be believed now !!.
I wonder if you have better C/C verification in the U.S., we seem to be badly let down by our banks over here. According to them, there are no checks that they can do to match a credit card name to an address if it's outside the UK, so should we just refuse to send any goods abroard?, it sort of defeats the idea of a global market doesn't it ?.
It's me again, and I'm back on the offensive. I don't know how to frame a warning to UK ECommerce businesses without someone accusing me of racism.....but there IS a major problem with accepting and filling orders from Eastern Europe.
I've just downloaded three overnight orders from the web site
1 x UK Order - OK
1 x Romanian Order - Fraudulent
1 x Hungarian Order - Fraudulent
Going back through the last couple of months orders, of all orders declined or obviously fraudulent, 93% came from Eastern Europe. Incidentally, regarding the "IC" bit that caused so much offence - number of orders from "IC" 8 Number of fraudulent "IC" orders 8 - Yep 100%, it was originally said tongue in cheek, but I knew that it was based on fact.
>> I don't know how to frame a warning to UK ECommerce businesses
The level of caution when dealing with Internet orders needs to be high regardless of where the business is based. We deal with several UK ecommerce merchants and fraudulent orders have been received from many European countries, with most from the UK.
In the UK you can request a 'Code 10' authorisation for any transaction and it should be sought on every occasion where you have the slightest suspicion. If you operate in a market where fraud is commonplace, then I would suggest you took a 'Code 10' for every Internet order. There are a number of other steps you can take, and contacting the customer by phone can be revealing if you have doubts.
The obvious fraud attempts are the easiest to deal with - bin them.
Safest practice - an authorised transaction, shipped to the verified cardholder address, signed for by the cardholder. Even this still carries risk, unfortunately to you not the bank.
The cost of fraudulent transactions is another overhead to your business. Despite everything you do to try to prevent it, it can and probably will happen on occasion. I can only suggest that you build it in as a factor to your pricing policy.
Fraud is always hard to deal with.
On only being able to verify UK CC transactions. Guess what, that is what my mearchant services tell me here in the US about US only orders. Weird, but I accept and do business accordingly. It is a shame, as stated earlier, since this is a global market :(.
On calling the card holder, if it is a fraudulant order why would they not list their phone number and lie a little when you call to confirm (just being devils advocate on this one)? Remeber I can not confirm if the billing information on the order is correct to begin with.
It is always looked at hard by us when an order is placed from outside the US. Yes I have noticed that most every Romanian order for me is fraudulant BUT we do NOT discriminate. Meaning we look at the order, name, CC number, all variables. also Ross sorry but IC does not appear on all
of our fraudulant orders from Romanian.