What was the specific decline code for the first card?

This certainly fits the modus operandi of a carder, more than a legitimate customer.

If the declined card is not a similiar name (like a different family member), then I would be even more cautious.

Do you mean the AVS code (there is no decline code per se)? The AVS code was R on the declined card (AVS system was unavailable). The card that was eventually accepted was U (address information for the cardholder is unavailable).

Also, the name on the declined card is completely different than the accepted card. Both names are very strange (to my American ears)...definitely not French. Maybe Russian or Slovak.

i have found that a google search on the delivery address or parts of it can be fruitful.

... of course being english i said delivery but i meant shipping!

Great idea. I'll have to add that to my bag of tricks.

Turns out to be a nice looking place :)

We've had orders like one you describe. We usually call. Bad phone number, no one knows the person, or they don't know what they ordered, bye bye.

Was it a different name on each try?

the first and last names were reversed

Not a good sign, people tend to know their own names.

It's a shame that authorize.net provides a limited set of decline codes, i.e. CVV2/CVC mismatch, AVS error, or Invalid card number only.

It would be useful to know if this first decline was due to E-51 Not sufficient funds, E-04 Pick-up card; Capture for reward, E-43 Stolen Card; capture for reward, etc.

A phone call to try and contact the cardholder might help, as sleepy_eye suggests. But bear in mind that the phone number on the order may well not be the actual phone number of the cardholder.

In card-not-present transactions the liability is all on you as the merchant in cases like this. Many of our merchants will only ship if they have a signed authorization form from the cardholder in hand.

If it helps, Orange (France Telecom) referrers are always very far away from our French office, like 800km or so to Paris.

Not a good sign, people tend to know their own names.

and switching first- and lastname can happen, especially if the form on the website is in the "wrong" order (not the one you're used to) or uses field names that are not too clear. I have personally seen people enter "VISA" if you ask for "name on card" instead of "card holder", so I wouldn't take it for granted for people to get the right value into the right field on the first try ...

Im seeing more fraudulent orders recently doing similar things, beware and get rid of the order.

Thought every one might want to know how this drama has unfolded so far...

Eight days ago we emailed the "French customer" and mentioned the multiple attempts to authorize under a different name and requested the full card number (less the final four digits) so we could add the shipping charges to their card since we do not store the entire credit card number on our servers.

We had pretty much decided to not fulfill this order but were curious to see what he might do. We never heard back and have canceled the order.

I suppose if you are a thief sitting at a computer with a stack of stolen credit card numbers placing orders for merchandise all day you might lose track of what you've done at some point :)

In the past I've engaged would-be thieves in email conversations, leading them to believe I've shipped their order, only to have them request more and more merchandise, including stuff you don't even carry. At that point you really do know...

This guy chose not to respond, but I think it's safe to say this order was not legit.

Thanks for everyones participation. It's an interesting thread.

mentioned the multiple attempts to authorize under a different name and requested the full card number (less the final four digits) so we could add the shipping charges to their card since we do not store the entire credit card number on our servers.

If it may be added: maybe it WAS legit, and the person on the other side of the ocean decided to try their luck with your competition, who have (in their opinion) a better and quicker checkout process for international cardholders... The multiple attempts were for any reason but fraud.

You may have send them an email requesting a copy of the card (front and back), plus a recent bank statement (with the transactions omitted) and the issuing bank phone number. Or else you can't process the order due to security reasons (without offending them). Call the bank and verify. If it's a small order - don't take the hassle. If it's a big order, why loose a deal?

We have been shipping to France for almost 5 years.
LASTNAME, firstname 99% of the time is how orders from France are filled out. But strangely, just France. I'm not sure if its their custom or how the name is imprinted on their credit card. If that helps any.

I second JR. I think you should develop a standard way of verifying the identity of the person when in doubt.

Asking for a copy of the front and back side of the card will help reduce a huge percentage of the fraud.
Display IP address of the person.

Or else you can't process the order due to security reasons (without offending them).

Dito!

@sleepy_eye - Well, I am French and despite all my efforts, I still do not know what Firstname and Lastname are. Somehow, for a French guy, the term Firstname and Lastname are very very confusing... And yes, we are used to "LASTNAME Firstname".

@tomda
Thanks for the insight. Makes sense now :)

Any easy candidate for a wire transfer.