George - 2:14 pm on Jul 20, 2010 (gmt 0)
We do a couple of extra things over and above these mentioned. We Used Secure Trading to start with, and we get an address match and the 3D Secure (is that a UK only thing?) a code of 222YY means that the Credit card company will honour the transaction... in theory.
Then, if we are stillsuspicious, then we send a trust letter to the card holders address, saying please contact us with a unique code to verify the transaction. Amazing how that catches fraud to a different delivery address. Also, it warns the real card holder their card is being used. Morally, I like that. So does the card holder. Might be a customer later on.
The other way, is we don't take the full amount of the order, but a small amount. (say £1.73) The customer can then verify the amount. (in 2-3 working days). It means they have access to the account, not just the card. Fraudsters run a mile at that. Honest folk do not mind.
The last one, is we ask them to pay directly into our account, as we cannot verify the credit card. Once a customer is "trusted" then it does not matter.
The one thing you have to watch there, is someone who orders a small item, possibly not on a stolen card, then comes back, changes the delivery, and orders big on a stolen card.
Yes it is traceable to a degree, but there are plenty of ways round that if you are a smart fraudster.