homepage Welcome to WebmasterWorld Guest from 23.22.173.58
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / WebmasterWorld / Ecommerce
Forum Library, Charter, Moderators: buckworks

Ecommerce Forum

    
Verified by Visa and phone orders
DonQ

5+ Year Member



 
Msg#: 4072 posted 1:56 am on Jul 20, 2005 (gmt 0)

Seems to me that VbV and phone orders aren't bedfellows? Searching, again, for a decent international payment processor, I find that the few with reasonable start-up costs and customer service, are implementing VbV, which cannot be turned off. A big part of (my) business is phone orders, and I cannot see how I can process those orders anymore. Am I missing something here?

Another thing is I have read here and elsewhere that some merchants do not want to use VbV because it confuses the customer?

 

Corey Bryant

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4072 posted 4:06 am on Jul 20, 2005 (gmt 0)

VBV requires the consumer input - think of it like an "I agree" button. So if you have VBV implemented on your website, and someone buys something - you are protected.

But if you are selling, say webhosting and using the electronic payment gateway's recurring billing, only the first payment is protected because the consumer initiated it. The other charges are not protected.

-Corey

oneguy

10+ Year Member



 
Msg#: 4072 posted 9:13 pm on Jul 20, 2005 (gmt 0)

As a consumer, VbV has been a huge pain to me. I buy a lot online.

I won't call, either. I go someplace else and order.

I won't even explain. (too aggravated at the moment.)

bakedjake

WebmasterWorld Administrator bakedjake us a WebmasterWorld Top Contributor of All Time 10+ Year Member



 
Msg#: 4072 posted 9:16 pm on Jul 20, 2005 (gmt 0)

As a consumer, VbV has been a huge pain to me. I buy a lot online.

What a timely topic!

I went to my first store where I hit a VbV box like 5 minutes ago. It prompted me to enter information I already had, plus some ancillary information, such as my date of birth and my CVV2 number.

It took me a couple of seconds (and I'm a geek and buy lots online!) before I came to the DoB question, and then I said "why in the hell do you need that?".

I then realized it was my bank and VbV asking me for the information. It wasn't a major inconvinence, but three bullet points on why I should use VbV on that initial screen would be great. I was totally confused and simply went along with the process because I really wanted what this store was selling.

Still, it's damned confusing, and had I not really wanted the product, I probably would have turned around myself.

Corey Bryant

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4072 posted 9:32 pm on Jul 20, 2005 (gmt 0)

It is basically there to protect the merchant & the consumer. This time - the merchant more so than the consumer.

It helps to prevent the "I didn't do it" chargeback. A lot fo companies still use the archaic AVS feature. VBV / MSC is the newest technology. It is more like insurance for the merchant if you ask me. It is only time until the hacker breaks thru VBV / MSC as well.

-Corey

julesn

5+ Year Member



 
Msg#: 4072 posted 9:48 pm on Jul 20, 2005 (gmt 0)

We made the necessary tecnical changes to our shopping cart last year, but we have not yet "switched on" 3D Secure (the system behind Verified by Visa and MasterCard SecureCode).

The banks and our processor assure us that conversions do not suffer with 3DS, but I am not conviced. Their reasoning is that the 3DS password process does not start until we have captured all the customer information, and that a genuine customer is unlikely to quit the process as this stage when they have given us all their order details compared to every other stange in the buying process.

A/B testing of this would introduce other complications.

3DS was never designed for phone orders - it was only designed for Internet transactions.

We considered taking order details by phone and then sending the customer a link to the completed online order ready to take them through the 3DS authentication process, but I'm not sure that would be of any benefit over telling the potential customer to place the order online in its entirety. Maybe it would save them typing in many of their details, but the most common reason we get for customers calling in with their phone order is that they dont want to put their card details online, and this wouldnt really get around that as far as the customer is concerned.

jules.

DonQ

5+ Year Member



 
Msg#: 4072 posted 1:54 am on Jul 21, 2005 (gmt 0)

The banks and our processor assure us that conversions do not suffer with 3DS, but I am not conviced. Their reasoning is that the 3DS password process does not start until we have captured all the customer information, and that a genuine customer is unlikely to quit the process as this stage when they have given us all their order details compared to every other stange in the buying process.

Still, it's damned confusing, and had I not really wanted the product, I probably would have turned around myself.

I don't think these guys know, or care, how much impulse buying is going on on the internet. Not every customer is so desperate for a product that he/she is willing to jump through burning hoops for it.

3DS was never designed for phone orders - it was only designed for Internet transactions.

Exactly, but what to do with phone orders now?
This site has not had 1 chargeback, return or complaint in a year, and a high % of orders are by phone. VbV will kill it, as a lot of transactions are impulse buys.

..then realized it was my bank and VbV asking me for the information. It wasn't a major inconvinence, but three bullet points on why I should use VbV on that initial screen would be great. I was totally confused and simply went along with the process because I really wanted what this store was selling.

For the banks to enroll their customers into VbV during my transaction process I find unacceptable (though I cannot do anything against this mafia) You understood what was happening, most customers aren't savvy enough to know, so just get aggravated and close the window.

This VbV to my mind is going to cost merchants dearly. Sure theres lots of fraud, and its got to be addressed, but I think we're killing the goose now.. Too much security around my home makes it a jail, and no-one wants to visit.

DonQ

5+ Year Member



 
Msg#: 4072 posted 2:17 am on Jul 21, 2005 (gmt 0)

I'd say give the merchant the option, he's the guy taking the risk. Even charge him a higher rate if he doesn't use VbV, thats ok, but each business has a different customer and risk profile.

julesn

5+ Year Member



 
Msg#: 4072 posted 6:26 am on Jul 21, 2005 (gmt 0)

Exactly, but what to do with phone orders now?

You would process phone orders using the same measures you use now - presumably you use AVS, CVV2, common sense, and in exceptional circumstances manual phone authorisations to check the customer name and address really match the details you have been given on the order.

The problem with phone orders is that now Internet transactions will become supposedly more secure, it's likely that the potential fraudsters will move to other ways to use their dodgy credit card numbers - such as by making phone orders!

jules.

DonQ

5+ Year Member



 
Msg#: 4072 posted 9:23 am on Jul 21, 2005 (gmt 0)

Currently phone orders are processed using a virtual terminal. VbV will make this impossible.

PCInk

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4072 posted 9:38 am on Jul 21, 2005 (gmt 0)

Virtual terminals will not be affected - in the same way that chip and pin has not affected internet purchases. They are different and unrelated.

All transactions through a virtual terminal means that the seller bears the brunt of any chargeback.

RailMan

5+ Year Member



 
Msg#: 4072 posted 1:31 pm on Jul 21, 2005 (gmt 0)

VbV / MCSC are the Internet (online) equivalent of Chip and Pin. This protects the merchant from chargebacks in the same way as chip and pin does.

The shopper connects directly with the bank at the time of payment. The first time they do this they have to register once by entering various security details like DoB etc to get a pin number. After this they just enter their pin number with every payment.

VbV / MCSC are not to be used (cannot be used) for telephone orders. Anyone taking orders by telephone will miss out on the extra protection given by VbV / MCSC.

Offline card fraud is much worse than online fraud, so the card companies have focussed on C&P rather than VbV / MCSC - doing both together is too much for Mr Average to take in at once. Card companies will spread the word about VbV / MCSC sometime in the future - I think only 50% of UK credit cards are C&P at the moment, so there's a long way to go yet.

Morocco

10+ Year Member



 
Msg#: 4072 posted 3:11 pm on Jul 21, 2005 (gmt 0)

The premise is to engage and immediately connect a cardholder to their bank via your website, so they can submit a personal form of IP.

Morocco

10+ Year Member



 
Msg#: 4072 posted 5:15 pm on Jul 21, 2005 (gmt 0)

Anyone else find the VbV program an inconvience as a cardholder? When I enrolled it took me less than 60 seconds. I think the hardest part was trying to create a personal message I liked that coincided with one of my usual passwords.

gigalot

5+ Year Member



 
Msg#: 4072 posted 8:02 pm on Jul 21, 2005 (gmt 0)

I'm going to be the dense one here. I thought it was up to the merchant to adopt this new technology. If not, who decides? The consumer's bank, the consumer, the merchant bank, or is it just a blanket thing?

RailMan

5+ Year Member



 
Msg#: 4072 posted 10:23 pm on Jul 21, 2005 (gmt 0)


I'm going to be the dense one here. I thought it was up to the merchant to adopt this new technology. If not, who decides? The consumer's bank, the consumer, the merchant bank, or is it just a blanket thing?

you're not dense - they are perfectly sensible questions

VbV / MCSC are fairly new - not all card issuers are enrolled in the schemes yet so not all cards are set up for it.

at the moment it is up to the merchant or payment gateway provider to set up the necessary systems - worldpay have had this set up for some time now

it's up to the individual cardholder to enrol their cards in the system when they buy online through a VbV / MCSC compatible system with a VbV / MCSC enabled card. eventually this will be a "blanket" thing like chip and pin is in some countries.

of course, if the merchant chooses not to use VbV / MCSC, their customers cannot enrol and the merchant doesn't get the guarantees against chargebacks ....... kinda silly not to use it really ............

gigalot

5+ Year Member



 
Msg#: 4072 posted 4:09 pm on Jul 22, 2005 (gmt 0)

So what if the customer enrolls his card, but the merchant has not enrolled. Will there be a problem with the charge? What happens in the opposite case, the merchant enrolls, but the customer has not? Also, where does the payment processor come into play?

Corey Bryant

WebmasterWorld Senior Member 10+ Year Member



 
Msg#: 4072 posted 5:52 pm on Jul 22, 2005 (gmt 0)

So what if the customer enrolls his card, but the merchant has not enrolled. Will there be a problem with the charge? What happens in the opposite case, the merchant enrolls, but the customer has not? Also, where does the payment processor come into play?

VBV / MSC is like an insurance for the merchant to protect the I didn't do it chargeback claim. If you are enrolled in it as a consumer and the merchant is not, the merchant is not protected. And there will not be a problem with the charge.

If the merchant is enrolled but the customer is not, the merchant is still protected.

Depends on your definition of payment processor. It is the electronic payment gateway that actually has to be compatible with VBV / MSC. The gateway lets the processor know the transaction was approved

-Corey

oneguy

10+ Year Member



 
Msg#: 4072 posted 3:49 pm on Jul 25, 2005 (gmt 0)

The shopper connects directly with the bank at the time of payment. The first time they do this they have to register once by entering various security details like DoB etc to get a pin number. After this they just enter their pin number with every payment.

I guess that's why I'm messed up. The first time I saw this, I must have decided that was something I didn't need to use. I was fairly sure it was my bank, but didn't see the need to give up extra details. Most merchants are quite happy with my CC#, exp, and CCV.

At the current moment I've seen it a few times, and VbV makes me go through the process, then produces a rejection screen for me - while charging my card. I think the merchant knows I'm paid up, but I don't. (which makes me think I still need to find a way to pay... causing a double charge or some other confusion)

That's *&@&!ed up... creates an issue for everyone. If this gets widely adopted, I'll have to get it sorted. At the moment, it's just easier to hit the back button.

I know resistance is futile, but I thought that was in the long run.

RailMan

5+ Year Member



 
Msg#: 4072 posted 3:56 pm on Jul 25, 2005 (gmt 0)

IMO, VbV / MCSC will get adopted worldwide in due course - once the craze for chip and pin is over

when VbV / MCSC goes live worldwide, there will be loads of information for merchants and cardholders and it'll be a lot easier for all concerned

until then, we have to make do with a messy system .........

gigalot

5+ Year Member



 
Msg#: 4072 posted 6:39 pm on Jul 25, 2005 (gmt 0)

And they claim that this does not affect conversion. Our conversion is tenuous already. The risk reward is not in VbV's corner.

Has anyone actually implemented this? How did it impact your conversions?

RailMan

5+ Year Member



 
Msg#: 4072 posted 12:10 am on Jul 26, 2005 (gmt 0)

worldpay implemented this a long time ago so merchant participation is "included"

if the card issuer is enrolled and VbV/MCSC is available to the card holder, the card holder will see a pop-up window at payment time - enrolling or entering the pin number etc is "voluntary", although it doesn't actually say it's voluntary.

if the card issuer is not enrolled, or if they are enrolled by VbV/MCSC are not available on a particular card, there is no pop-up.

if there is an impact, it's tiny. we've had a couple of people query it because they use pop-up blockers and don't see the pop-ups, but they've still paid.

most cards go through normally without VbV/MCSC verification. maybe 10% are verified by cardholders that enrol / have already enrolled.

Morocco

10+ Year Member



 
Msg#: 4072 posted 12:57 pm on Jul 26, 2005 (gmt 0)

VbV/MCSC is now streamlined in the US to an inline window presentation. Because of Pop-up blockers Visa "recommends" the inline window.

RailMan

5+ Year Member



 
Msg#: 4072 posted 1:46 pm on Jul 26, 2005 (gmt 0)

i believe worldpay will do the same at some point - the pop-up blockers are a pain in the butt

Morocco

10+ Year Member



 
Msg#: 4072 posted 2:33 pm on Jul 26, 2005 (gmt 0)

So all WorldPay merchants must participate?

RailMan

5+ Year Member



 
Msg#: 4072 posted 10:10 pm on Jul 26, 2005 (gmt 0)

>>So all WorldPay merchants must participate?

you make that sound so negative ...........
it's a *positive* thing

VbV/MCSC should be set up on all worldpay accounts by now
worldpay merchants don't need to do anything extra
worldpay merchants benefit from the extra guarantees of VbV/MCSC
very little (or no) impact on sales

when a sale comes in, the email from worldpay gives you the AVS/CVV results and their own anti-fraud check results (Worldalert) AND the VbV/MCSC results (whether the cardholder enrolled / verified or not etc)

simple............ that's all there is to it .......

Morocco

10+ Year Member



 
Msg#: 4072 posted 2:59 pm on Jul 27, 2005 (gmt 0)

Sounds good to me.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / WebmasterWorld / Ecommerce
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved