use pre-authorisation
[google.co.uk...]

If the order was placed online, you should be logging IP addresses on each order. There are many sites that can track down a location of an IP address. Geobytes is one of them. Then you can match that with the address on the CC. Its not the exact address, but the location of the ISP. Which is within a couple of miles. And the customer should reverse the chargeback since you did credit them.

[edited by: lorax at 7:51 pm (utc) on June 15, 2005]
[edit reason] Removed DN [/edit]

>>If the order was placed online, you should be
>>logging IP addresses on each order.

Pirate uses WorldPay so there is an automatic IP address / card issue country check on every transaction - not guaranteed these days with IP spoofing

>>Its not the exact address, but the location of the
>>ISP. Which is within a couple of miles.

Almost worthless. It can be hundreds of miles out.

>>And the customer should reverse the chargeback since
>>you did credit them.

It's an invalid chargeback so should never have been taken back by the card issuer. Worldpay do "collection assistance" to recover invalid chargebacks. I've sent Pirate a sticky with the URL.

Due to the number of players involved, the chargeback will still sometime go through, despite the fact that a refund was placed.

Eventually, it all gets straigten away automatically, and the chargeback will be reversed, however it sometimes takes several months.

Also, send an email and wait for a reply/acknowledgment from that email before delivering.

In addition to the IP, that gives you another point to prove the customer placed the order.

Also, send an email and wait for a reply/acknowledgment from that email before delivering.
In addition to the IP, that gives you another point to prove the customer placed the order.

sorry robjones2, that's almost worthless
there is no way to verify that the email address given belongs to the cardholder - if the transaction is fraudulent, the email address probably belongs to the fraudster - you'll get a reply but it won't be the cardholder ..........

well, my reply was to what he can do in the future. If anything, he can contact the credit card company and report it as fraud since the owner of the card 'stated' they did not order anything with him. He does have the shipping address and an IP. Let the credit card company decide if that information is worthless, there are some pretty stupid criminals out there.

Maxmind does a fraud detection for free. It checks many things including if the IP is on a proxy, IP location in reference to the billing address, phone, card issue country. Here is a complete list.

And it doesnt matter if people can spoof IP's. The more information you have on an order, the better decision you can make on actually going through with the order. Logging the IP address has saved us many times when customers dispute something. If any flags get raised on something, just call the issuing bank.

[edited by: lorax at 7:54 pm (utc) on June 15, 2005]
[edit reason] Removed URLs [/edit]

Hi Railman,

You'd be surprised. We capture the IP address and Email at the time of order, and also on all Contact forms.

its really stupid then of some customers, several weeks later, to attempt to deny a transaction was them, but they email from the same email address (and IP) we contacted them at, and refer to passwords etc. from that email!