Forum Moderators: buckworks
I walk into a brick and mortar store and attempt to purchase a stereo with a stolen credit card. Merchant says "Sir this card is coming back as stolen!” I leave the store, return to my car, grab another card, go back into the store and attempt to purchase the stereo. "Sir, this card is also coming back as stolen." I leave again return a few minutes later with another card and continue this method until a card works. In this scenario as a merchant I have seen the scammers face and have an identity of the scammer. After the second attempt I would detain the scammer and call police, problem solved.
Second Scenario. Man walks into my brick and mortar store wearing a ski mask to protect his/her identity. Bottom line here, I would call police immediately regardless of shopping patterns!
Now my question: With so many transactions happening on the Internet and the continuing growth of online shopping, where are the ideas, the methods, the tracking and logging to start stamping out this problem? Why are we not using MAC ADDRESSES of computers? The scammers simply have it to easy to run their rings!
Truly, if I wanted to turn scammer I could think of 101 ideas to hide my footsteps and no doubt these scammer rings are using them, I see it everyday!
Simply having the IP address of a person is no help, its like trying to choose a single individual in a 256-person line-up all of which wearing a ski mask and a red jump suit!
Ban IP Address Blocks you say! That solves the problem for a short time, have you seen all the global IP re-allocation which goes on day after day?
Then the actual police reporting. "We don’t have time to deal with that because it is only fraud of $150.00 dollars". Add up all the countless transactions they made for goodness sakes!
Thanks for allowing me to rant! I know privacy is important and too many it is a huge part of the foundation of the Internet! But it is also my feeling that if you come into my online store I have the right to protect myself and the sellers within it!
[edited by: lorax at 2:41 pm (utc) on Oct. 2, 2006]
[edit reason] removed political comment [/edit]
Sadly, nothing is going to change until somehow the risk of fraudulant transactions is shifted from merchants to credit card issuers whether that be by the credit card issuers themselves or by a governing body or by goverments.
Surely the goverment is not going to do anything because credit card issuers are able to spend alot of profits on lobbyists. So unless someone or a group of people can create some sort of group to represent merchants and lobby for the goverment to force a change.
Credit card issuers are not going to change without someone forcing it on them because the credit card issuers are not going to volunteer to take on more of the risk.
When it comes to preventing fraud, there is no magic bullet. You are best off using an eclectic approach. A good tool to add to your toolbox is a Web Service to check for fraud; try a Web search for "Web Service credit card fraud detection".
Why are we not using MAC ADDRESSES of computers?I believe that call it card profiling. And I think this is one of the things that is looked at - but it has been awhile since I studied it, I might be wrong.
First Data's platform uses their data to actually offer a product called LinkShield via the LinkPoint gateway. It also uses the chargeback data as well to tell you if the customer has requested a number of chargebacks.
-Corey
[edited by: Corey_Bryant at 10:43 pm (utc) on Oct. 5, 2006]
