i use a script to calculate a "suspicion level" based on many factors with different coefficients, if it goes above a certain level then it gets flagged in the database for me to investigate it.

this isnt an option for many merchants, but the basics should do you fine like requiring the 3 digit code.

if you want to get serious on fraud you can look at services like securecode. as not many card holders have registered this and there is a low awareness of it. expect your conversion rate to suffer if you use this, on the plus side fraud will be virtually eliminated and the odds are stacked in your favour in the event of a chargeback.

Your site should make it look like you've been in business for years. If you say your site is new, the foreign scammers will eat you for a snack.

I wanted to know methods, scripts etc you use to make sure its the cardholder who is placing the order.

use a well known card processing company that includes AVS, CVV/CV2, 3D Secure (mastercard securecode / verified by visa)
only ship to the cardholder's address and require a signature
must have gone over this hundreds of times in this forum - check back through old threads for more info

Rules of thumb:
Most orders for more than two sunglasses will be fraudulent.
All orders for 10 or more will be.
All rush orders will be.

I don't need no stinkin' scripts.
---
Try to determine how the oldest sun glass sellers handle security. My guess is such sites come and go quickly. Very risky product.

I do not agree that sunglasses site dissapear fast from the net. If you do a little research you'll find out that you're wrong.
The problem will always exist as there is no direct sugnature from the customer, the only thing I am gonna goe for probably is sending out the authorization leter to be signed, bith sides of teh credit card and the ID.
It might bring my ratio of conversions down ...

[quote}sending out the authorization leter to be signed, bith sides of teh credit card and the ID.[/quote]

Explain how that would work? What do you mean by "ID?" Your method, if I understand it, would turn a 3 minute transaction into one taking a week or more. Are you going to provide return postage and an envelope?

Do any sunglass sites work like that?

Well you have to make sure its your customers credit card, so you ask for a photo ID which states his name in it, that way you sure who is he and you get his signature on the authorization letter, it wouldn't take more than 5 min, of course will have it faxed here.
Better be safe than regret it by paying chargeback fees etc

the only thing I am gonna goe for probably is sending out the authorization leter to be signed, bith sides of teh credit card and the ID.
It might bring my ratio of conversions down ...

.... to zero ....

remind me not to invest in your business .....

(clue - most fraud is easily prevented using standard systems and common sense without making shoppers jump through hoops - shoppers won't jump through hoops, they'll simply buy elsewhere - plenty of info in previous threads)

Respect your point, but I still it's important to get the customer to fax that auth letter, if he is really interested in the item he will, its a security measure.
I am still debating on it though, It might bring the ratio of convertion down..

whatever you're selling can probably be bought elsewhere for a lot less hassle

but I still it's important to get the customer to fax that auth letter, if he is really interested in the item he will, its a security measure.
I am still debating on it though, It might bring the ratio of convertion down....

Yes, to approximately zero.

why not just sell them on Ebay with all the other 100's of other people selling sunglasses?

How is the average customer going to fax?

You really think someone's gonna fax you a copy of his ID?

What you've got is a scheme that will eliminate 100% of honest customers, but only 80% of the crooks, while driving your costs to the moon, requiring you to charge far more than any other sunglass site. LOL

OR

You could utilize traditional methods and a modicum of common sense in screening orders, and actually sell some products at a profit.

Lots of luck on selling sunglasses with your business model. And you have a bit of competition from places that will be a LOT easier to buy from:

Results 1 - 10 of about 17,800,000 for sunglasses [definition]. (0.13 seconds)

Are you selling high-price, one-of-a-kind items that people can't buy anywhere else? If so, then you can afford to ask people to go through the hoops of having to fax. However, it WILL dramatically lower your conversion rate. Why?

1) Not everyone has easy access to a fax machine. Or they may not have it at the same place they are using the Internet.
2) Not everyone has easy access to a printer.
3) Not everyone has easy access to a copy machine or scanner.
4) People buy on the Internet because they want to buy it NOW. Adding more steps and more work will force people to go somewhere else where they can complete the transaction more easily. So what if the other sites costs $5 more? My time is worth a lot more than $5. Plus you have to factor in the cost of the paper from printing/copying and the cost of the fax call.

Now, if someone wants to order 100 pairs, then I would certainly require a faxed authorization and copy of the card. But not for 1 pair, unless you're charging over $500.

You guys missunderstood me in here, some of you suggesting the sunglasses business wouldn't work etc
WRONG, I've being on the online business for quite a few years and I know what works and what don't
I am just trying to minimize the CC fraud ..
Definately putting this method on expensive items that goes over 350$ etc
Somebody asked if I had unique styles, I do some of the styles you see in my site aren't anywhere on the net. Got over 9000 products
Thanks for your input guys

3d secure buyer auth (VBV and MCSC) is the way to go. you'll be partially protected, the rest is common sense (more than one product per order, rush orders, etc).

sorry if this is a stupid question, but what does "rush orders" mean?

I've being on the online business for quite a few years and I know what works and what don't

So what are you doing to combat credit card fraud now? Can you share your years of experience with us?

3d secure buyer auth (VBV and MCSC) is the way to go.

I would have agreed on this, until my experience with some incompatibilities last year. We lost about $5000 in incomplete transactions. Our processor had some incompatibility with the largest card issuer in my area -- leading to these transactions being denied.

After about a week of debugging, we just had them disable and bang.. the transactions started working.

Keep an eye on incomplete transactions / denials if you do go down this route and get a large number of international orders.

shri, in our case all orders are US and all orders are buyer auth. we haven't had any issues yet, except that MasterCard's participation in the program is not as good as visa's.

we only ship to the card address, and use extreme caution with any orders that are rush. No chargebacks in the last two years.

On the other hand, I have dealt with a vendor (a printing company) that required a faxed copy of my drivers license, and a faxed copy of the credit card. This was for the 13th order I had placed with them, but this one was over the trigger point of $500. So suddenly I was a suspect transaction...

It was a royal pain in the ass.
1. They couldnt read the faxed drivers license
2. They couldnt make out the numbers on the card
3. It must have taken at least an hour on the phone trying to get it straightened out....

And the outcome was that I lost my temper and told the head of accounting that if they wanted any more of my money that they had better look at the history of my purchases and make a decision if I was going to defraud them.

They decided to process the order in the end. I have since found another vendor.

Your conversion rate will be zero..

Also, at some point you have to question the use of that information. In the wrong hands, all of that identity information can be abused.

Don't ask your customers for any more or less information than you can handle securely.

Red flags;

Next day or second day air to an address other than the bill-to.
Multiple quantities of the same item (who needs three toasters?).
Billing info in all small letters( I don't know why but internet thieves rarely use caps, script?).

Asking a customer to fax in a photo ID is just plain ridiculous. Guaranteed your conversion rate will be "0".
There are plenty of easier ways to combat fraud.

CVV, billing match-up, etc. Ask your merchant provider for tools and ideas.

Just pass the details through a known payment gateway and get nisurance on your business account to cover fraud!

I would have the customer fax me a copy of their license if I had any suspicions. I would also verify the phone number to the billing address through 411 to ensure that it was the person.

Let's see, I would always ask for the CC 800 service number on the back of the card to call for an address verification if need be. However my transaction processor had AVS(Adress Verification Screening) which was indicated on my shopping cart order if it passed the screen or not. Actually I had it set to decline processing the order if the ship to address did not match the billing address to avoid the funds going into my account. I always hated the extra work of returning the money if it was indeed a fraudulent order - waste of my time.

Have a credible payment gateway company process the card. If you set your merchant account up right you should have fraud insurance included. The way I understood it is that if you are processing credit cards through your own terminal then Visa/MC can suspend your merchant account. I have my payments processed by my payment gateway company and we don't even attempt to process any clients that don't come through our website. Most of the fraud orders have come through our e-mail and when we referred them to our website they refused to do it. If it sounds to good to be true it is.

Some gateways are even introducing a way to enter your PIN number online...effectively a CHIP and PIN service that they have in many stores.