Welcome to WebmasterWorld Guest from 220.127.116.11
Forum Moderators: buckworks
- checking with Authorize.net I was able to see that the purchaser tried three times under a different card/different name to get their card authorized (same card each time), but in all three cases was declined. In one of those cases, the first and last names were reversed. Succeeded on first try with new card (and name).
- the IP address of the purchaser is 800km from the ship to address.
Usually, in my experience, the IP address and ship to address will match or be very close (we don't bother with countries like Indonesia or Ghana and many more).
Not sure what to make of the three declines before succeeding with a different card. Almost makes it seem legit as in "I know this card is good," even though it actually wasn't.
Also, the name on the declined card is completely different than the accepted card. Both names are very strange (to my American ears)...definitely not French. Maybe Russian or Slovak.
It would be useful to know if this first decline was due to E-51 Not sufficient funds, E-04 Pick-up card; Capture for reward, E-43 Stolen Card; capture for reward, etc.
A phone call to try and contact the cardholder might help, as sleepy_eye suggests. But bear in mind that the phone number on the order may well not be the actual phone number of the cardholder.
In card-not-present transactions the liability is all on you as the merchant in cases like this. Many of our merchants will only ship if they have a signed authorization form from the cardholder in hand.
Not a good sign, people tend to know their own names.
and switching first- and lastname can happen, especially if the form on the website is in the "wrong" order (not the one you're used to) or uses field names that are not too clear. I have personally seen people enter "VISA" if you ask for "name on card" instead of "card holder", so I wouldn't take it for granted for people to get the right value into the right field on the first try ...
Eight days ago we emailed the "French customer" and mentioned the multiple attempts to authorize under a different name and requested the full card number (less the final four digits) so we could add the shipping charges to their card since we do not store the entire credit card number on our servers.
We had pretty much decided to not fulfill this order but were curious to see what he might do. We never heard back and have canceled the order.
I suppose if you are a thief sitting at a computer with a stack of stolen credit card numbers placing orders for merchandise all day you might lose track of what you've done at some point :)
In the past I've engaged would-be thieves in email conversations, leading them to believe I've shipped their order, only to have them request more and more merchandise, including stuff you don't even carry. At that point you really do know...
This guy chose not to respond, but I think it's safe to say this order was not legit.
Thanks for everyones participation. It's an interesting thread.
mentioned the multiple attempts to authorize under a different name and requested the full card number (less the final four digits) so we could add the shipping charges to their card since we do not store the entire credit card number on our servers.
You may have send them an email requesting a copy of the card (front and back), plus a recent bank statement (with the transactions omitted) and the issuing bank phone number. Or else you can't process the order due to security reasons (without offending them). Call the bank and verify. If it's a small order - don't take the hassle. If it's a big order, why loose a deal?
Asking for a copy of the front and back side of the card will help reduce a huge percentage of the fraud.
Display IP address of the person.
Or else you can't process the order due to security reasons (without offending them).