Welcome to WebmasterWorld Guest from 126.96.36.199
Forum Moderators: buckworks
When we spot them (we do miss some, but we get most) we generally try to call the issuing bank to report the fraud. We can lookup the bank information on our merchant account website by entering the first six digits of the credit card number at issue.
Generally, when we do this, the company simply tells us that the purchase must be bad. We ask them to notify their security department, and they say that's the customer's responsibility. So then we try to get our merchant bank involved. They tell us to call the police. Of course, the police will take a report, but we have to do it locally, and the fraudster is generally thousands of miles away. So, it's all a big waste of time.
Why isn't there some organization that cares? Why don't customer's banks want this info so that they can mitigate their losses? Easy answer is: they simply charge them back to us, the merchants, so they couldn't really care less. They pull the money back from us, plus a charge for the service, and pop out a new account number and card for the customer.
As merchants, we need a better system. We see the same fraud attempts repeatedly from the same IP address, and to the same shipping address. We need some central location where all merchants can report this information and blacklist these shipping addresses (generally stores like Mailboxes Etc. and other drops). Email addresses are easy to change, but often these orders originate from the same IP address - or overseas IP addresses.
If your only shipping to the billing address you are way behind. You cannot run a successfull e-commerce sites with restrictions like that. People send gifts, people travel and they're going to want to ship items to other locations.
You [ the merchant ] are just the dirtbag out there shilling on the Internet. Your job is to give them [ card issuers ] their "share" of your revenue (and even their "share" of your refunds).
I gave up years ago reporting fraud. No one cares, not Visa, not MasterCard, not our acquirer, not our online processor, not the FBI, not local police.
The reason why no one cares but you and me is this: you and I pay for fraud, no one else.
if that's how you feel, why be in business?
I don't like the way that Visa and MasterCard do business, and the way that they treat merchants. I don't believe I have to close up shop and lay people off to prove that point.
accepting a fraudulent transaction is one of incompetence, ignorance or greed ........ why complain when it's charged back?
sounds like you're not running your business properly. large department stores budget for theft - the costs of theft (and security systems / tagging equipment / security guards etc etc) are all built in to the sale price of their products. you should be doing the same - passing on all costs to the customer, not taking the costs out of your own pocket.
but then again, why should i be telling you this? maybe it's in my interests if your business fails .........?
Just to clarify, you've called everyone that has accepted a fraudulent transaction incompetent, ignorant, or greedy. Then, you've suggested that I'm not running my business properly because I think that Visa and MasterCard should work with merchants to reduce fraud instead of just pushing costs back to them.
Oh, and just because a store works the cost of theft into prices doesn't mean they don't care when people shoplift. Having your property stolen, directly or through fraud, is not a good feeling. Having to put resources against monitoring your transactions for fraud is expensive, and trying to find a better way is a worthy goal for all online merchants.
Thank you, RailMan, for your well-thought and carefully prepared responses. They have been extremely helpful and are a tremendous contribution to this archive of knowledge.
I guess if you run a small e-commerce site you may not see a lot of orders not shipping to the billing address but the company I work for outsources 60 different sites everyone from Zales.com to Timberland.com to RadioShack.com which are high risk to low risk sites like Linens N things and PBS.
Point being we take as a whole 10's of thousands of orders a day during slow times. Out of theres a lot of valid orders shipping to a different address. If we only had people ship to their billing we would lose millions of dollars. Theres ALL types of reasons to ship items to a different address
-send gifts to son or daughter at college
-traveling on business
Your really limiting yourself if you deny orders that do not ship to the bill to.
think that Visa and MasterCard should work with merchants to reduce fraud instead of just pushing costs back to them.
but then the merchants don't bother using the tools ........
or they accept a transaction and find the billing address etc matches, but ship the goods to lagos or wherever, then complain about fraud .....
what can visa or mastercard do if the merchants don't use the tools provided, or don't use common sense? (the answer is nothing)
the overwhelming majority of fraudulent transactions can be identified / prevented by using the tools provided and using a little bit of common sense - that's all there is to it ....
Having to put resources against monitoring your transactions for fraud is expensive, and trying to find a better way is a worthy goal for all online merchants.
using real time processing / AVS / CVV / VbV etc etc etc is not expensive - and in any case it's a cost that's built into your pricing and passed on to the shopper
the biggest reason for NOT using real time processing and the anti-fraud tools is that merchants complain about the cost - they all want the lowest possible transaction fees - and like i said, the costs (like any other business costs) have to be passed on to the shopper