Detecting Fraudulent Activity on Your Merchant Account

EMV credit cards are becoming very widespread throughout the world, including the U.S.A.  This is great for reducing the amount of credit card fraud and theft of financial data for unauthorized purchases at brick-and-mortar retail stores.  Unfortunately, because consumers’ information is becoming harder to acquire from physical retail stores, thieves are developing new ways of stealing financial data from online retail stores.  This is where the EMV chips aren’t able to protect against theft.  In fact, some experts are predicting the Web-based credit card fraud may reach $6.4 billion by 2018.

For businesses selling goods online, the cost of credit card fraud is high.  It means extra paperwork, lost time and reduced consumer confidence. Because there are so many factors that go into credit card fraud protection, it’s important to balance the protection you need with a reasonable budget.  Let’s examine some ways in which you need to protect against fraud.

Dealing with Card Not Present

When dealing with card not present transactions in e-commerce there are still ways to help ensure the user of the card is the real owner.

  • Card Verification Value (CVV) is the three or four digit value on the back of a card.  Requiring a customer to provide the correct code can verify if the card is truly present.
  • Verifying the address is another good method. Is the billing address provided the same as the address on file with the card issuing bank? Is the customer using a different shipping address than the billing address and are they very far apart?

Using Physical Location

Some international payment gateways have solutions which provide IP tracking and other filters to control whether a card will be processed or not.

  • Geo IP tracking allows you to reject transactions from pre-specified countries, for example, you can set up automatic rejections from China, Russia and Spain.
  • You can set your filters up to check when a credit card is used and if it was used in the issuing country or a foreign country.  This can also let you accept credit cards from specific countries.
  • Payment gateways such as First Atlantic Commerce, which partner with Kount, have IP proxy detection, too.  This lets them detect if the visitor using the card is trying to hide their location via IP proxy and if so you can review and decide to accept or reject the transaction, based on other factors.

Extra Fraud Detection Measures

There are a host of other fraud detection measures which are available as well.

  • Using filters you can see if an unusual number of transactions are coming from certain IP addresses and see how often they are coming.  You can then use this to restrict how many transactions can be processed in a given amount of time.
  • With Kount you receive a ‘score’ for each transaction. This score looks at previous history of the credit card’s use to see if it has been involved in suspicious activity previously.  Then it can give you a score from 1 to 99 in real-time for every transaction. The higher the score the greater the risk of fraud is present.  You can set up your system to refuse a transaction if the score is too high, say 60 or above.
  • You can also set your system up to have thresholds and quotas. This means transactions above and below certain amounts will be automatically rejected.

The above are just a handful of features provided by advanced international payment gateways such as First Atlantic Commerce.  If you’re an online merchant, make sure you are employing the above methods and more (if your budget allows) to protect yourself and consumers from credit card fraud online.