Possible fraud. How to prevent it?

Forum Moderators: buckworks

Message Too Old, No Replies

Possible fraud. How to prevent it?

mnemonik23

5:46 pm on Apr 3, 2007 (gmt 0)

Hi,

I use PayPal website standard payment processing and sell digital goods (online service), which is not eligible for seller protection.

What happens: person #1 registers on my web site with one name and email (email is login name btw) and than pays by PayPal with different name and email. Next day I get notification from PP with dispute that person #2 did not authorize that payment.

I understand this maybe real, like somebody knows somebody else’s PP login and password.

I issued a refund to person #2 even if person #1 has already used a service.

But what if this will start happening more frequently? How can I protect myself?

Thanks for any advise!

MrFishGuy

4:39 am on Apr 4, 2007 (gmt 0)

The only thing you can really do is require the customer to use the same email address for registration as the PayPal email. This may require you to personally check the information before allowing the services to be used, but odds are if it's a stolen PayPal account, they won't have access to the real owners email address.

Essex_boy

5:34 am on Apr 4, 2007 (gmt 0)

Are you able to switch off the stolen sooftware?

mnemonik23

1:34 pm on Apr 4, 2007 (gmt 0)

Thanks for your replies.

The thing is I can't force user to enter his PayPal email because I still accept payments by Credit Card via PayPal, so user might even do not have a PP account.
Looks like nothing I can do about it :(

In my case this is not a software for download, it's an online service that user gets access to after the payment. Of course I banned the login for that user but he had an access to service for 2 days.

Corey Bryant

6:50 pm on Apr 4, 2007 (gmt 0)

Start scrubbing the transactions more. Put in safeguards to check these emails and IP addresses. It might take a little time but worth it in the long run to protect your account

-Corey

mnemonik23

8:26 pm on Apr 4, 2007 (gmt 0)

Corey,

Could you please explain it with more details? It's kinda of new to me...

Thanks!

farmboy

3:36 pm on Apr 9, 2007 (gmt 0)

What sort of notice did PayPal send you? Did PayPal ask for any information from you?

FarmBoy

Corey Bryant

8:47 pm on Apr 9, 2007 (gmt 0)

I do not know if Paypal allows you to check the billable address - but this should be your first step. Your second should be the CVV. Paypal should be scrubbing the transaction already for you though - this is one reason why people use third party processors.

After that, look at the IP address. Does it match the location on the billable address? Is the address from one of those free email accounts?

If you are getting more and more fraud via paypal, consider switching to another processor - maybe clickbank. One that will scrub the transaction a lot better.

I bought something a few weeks ago via Element 5. I accidentally entered the wrong zip code and my transaction was declined. Here you can see AVS working - it did not match and they did not approved the transaction

-Corey

farmboy

12:23 am on Apr 10, 2007 (gmt 0)

I use PayPal website standard payment processing and sell digital goods (online service), which is not eligible for seller protection.

Did you mean to say "seller protection" or "buyer protection?"

I don't think buyers at PayPal have any protection when purchasing digital products.

FarmBoy