Funny...and SO correct:
4= Nigeria (Just do not ship!)

1)large dollar amount
2)want express shipping
3)Purchase of certain high risk, easily re-saleable products
4)ship to certain high risk cities (in U.S.): Miami
5)ship to address of freight forwarders (get a file of them)

By the way, I certainly wouldn't reject all orders with different ship and bill addresses. My main cc is billed to my business but stuff is often shipped to my home. (or visa versa in some cases)

Different shipping and billing addresses may raise a red flag with large order amounts for unprotected merchants.

You should track the IP address that the order was placed from.

Multiple orders from the same IP with different information should raise a flag. Multiple orders with the same ship to but different bill-to and/or credit cards should raise a flag.

Watch for order "velocity" also -- repeated attempts to place an order from a given IP address within "x" minutes should raise a flag.

Orders placed from an IP address not in the same country as the bill-to or ship-to should raise a flag (you'll need the ability to determine country from IP address - search the web and you'll find ways to do that).

Note that with IP address flagging, you'll have problems with AOL customers - every page hit from AOL can come from a different address even though it's the same customer.

An e-mail address with a free provider (yahoo, msn, etc.) should raise a flag.

Require a phone number with all orders. An order where the area code doesn't match the same area as the bill-to should raise a flag.

Require CVV for all orders. That eliminates a lot of fraud right there.

Require AVS match for all orders. Easier to fake than CVV but still will filter a good deal of fraud.

Many customers don't know that they can set up an alternate shipping address with their bank/card carrier for convenience, gifts, etc. Merchants can then verify the alternate address with the bank when customer wants it shipped to other than the billing address.

Dont' know if this can be done automatically though as I call the issuing bank on every order over $250 and, so far (7 years), haven't shipped a fraudulent order.

Goes without saying, just dump all those Nigerian orders that just love your stuff and can't "wait" to get it ASAP.

i did something similiar to the triggers, but instead of having a warning for each individual item, I assigned a point value to certain indicators, which is very simliar to the point system you assigned to the triggers. All the point values are added up and a fraud score is assigned to the order and rating of low medium or high is given to the fraud score. I've only been using it a short time, so I can't say how effective it has been. Although it has flagged a few orders and caused me to look closer at some that I never would have thought to be suspect before.

two triggers I use is to search the previous orders to see if email address was used before but with a different name. I also search previous orders to see if cc number was used before with a different name.

guys, we do sell downloadable software, how should we protect ourself?
Problem with IP is that mostly they are using dial up AOL, so it doesn't show real destination and we can block the IP, because it will be different next time.

We have just received a US order with matching billing and shipping, AVS all match up, requesting overnight shipping to a freight forwarder address.

Should I ship?

RS.

If its a Visa and you have VbV....

it is a discover, avs, cvv, billing, shipping... all match..

where can i obtain the file with a list of freight forwarder in US?

I don't know of any single source. They tend to be in port cities such as Miami. You'd need to make your own list. Most forwarders have websites. If you get a questionable order, look up the ship-to address on the web to see if it is a forwarder.

Are there sites that allow you to get credit card addresses, if you have the cc and exp date?

That way you can compare against bill/ship to addresses.

> Are there sites that allow you to get credit card addresses, if you have the cc and exp date?

No. AVS is the best matching system available at the moment for this purpose.

For suspicious orders, we usually get the issuing bank's number and call to check the name and address with them. We've found that to be much more accurate than a basic AVS check.

For Discover cards, we call their authorization and verification line.

I make my guys follow these rules.

The billing address fails, decline the order. Cheaper than a chargeback.

If it is overseas - decline it, no way to go after people just doing a chargeback because.

Those are the basic rules. The only time I ever got burnt was for a $1300 item. Everything checked out. I even called the credit card company and verified it wasn't a hot card. Shipped the item and then got a chargeback months later. It turns out a fella from FL stole an old timers credit card statement from TN and had everything changed including the billing. From there he went nuts.

Other than that we have been extremely lucky with chargebacks. And on the chargebacks we do get that are from legit people and we have indeed shipped the items, we send them right to collections with chargeback fees. I got so sick of taking the chargebacks and losing the fees, collections was the only way to go.

Interesting. I ship to addresses different than billing addresses all the time. Probably a good 10-15% of my orders come that way. Women order clothing and want it shipped to work instead of home. Or, men buy clothing for their significant others.

I've never really had a fraud problem through that route. A lot has to do with the nature of your products.

If it isn't something that has a ready resale market, you should see less fraud. I would say that jewelry, electronics and that sort of easily fencable item are a whole different animal.

--Mike