Field Test: Fraud Prevention, Part 3 of 3

In Field Test, Practical eCommerce gathered ten seasoned ecommerce merchants and asked each of them the same questions around a given topic. This month’s topic is fraud prevention.

The participating ecommerce merchants are: Dave Norris, House of Antique Hardware; Chris Stump, Only Hammocks; Mike Feiman, PoolDawg; Dan Stewart, Xtreme Diesel Performance; Roman Kagan, Appliance Parts Pros; Cindy Barrileaux, Write Your Best; Claudette Cyr, Gear-Source; Mike Butler, Bloom Designs Nursery; Kristen Taylor, Juvie; Jeff Muchnik, RedBox Tools; Kara English, Candles And Such

PeC: Has your ecommerce business been the victim of credit card fraud?

• FIELD TESTER 7: Yes.
• FIELD TESTER 8: Many people have tried to commit fraud with stolen credit cards, but no customers have been successful.
• FIELD TESTER 9: No.
• FIELD TESTER 10: One attempt, but we caught it before the order was processed and before the credit card was charged.

PeC: How did the fraud occur?

• FIELD TESTER 7: Either by fraudulent purchases, or we hear from someone tracking down stolen card activity.
• FIELD TESTER 8: N/A
• FIELD TESTER 9: N/A
• FIELD TESTER 10: The order looked suspicious from the beginning. Then the person that “ordered” actually called and said they wanted to make sure that the person in the “bill to” couldn’t find out where the order originated from and wanted to know if we tracked that information.

PeC: Does PCI compliance help prevent fraud?

• FIELD TESTER 7: Only in that it encourages strict standards and practices, which is the real key.
• FIELD TESTER 8: I would assume PCI helps, but I am not sure how it helps. My website has to be PCI compliant, which is expensive to maintain.
• FIELD TESTER 9: I believe PCI compliance does not completely solve the issue with credit card fraud. However, it does help prevent it in certain cases.
• FIELD TESTER 10: I think it helps, but I don’t think it makes a difference if someone tries to use a stolen credit card.

PeC: What steps do you now use to prevent fraud from occurring?

• FIELD TESTER 7: CVC/address verification.
• FIELD TESTER 8: My payment processor Authorize.net helps me prevent fraud using their technology. Also, Bank of America, which processes my Visa and MasterCard purchases, helps me find out if a credit card that is being used has been stolen.
• FIELD TESTER 9: We rely on a combination of Yahoo’s ecommerce platform and PayPal’s merchant processing for security. We also use credit card matching data. If an address or ZIP code is off, we like to verify their information and confirm that they were the ones that placed the order.
• FIELD TESTER 10: We look for anything suspicious like high dollar orders and if AVS and CVV match. If we are ever suspicious we call the phone numbers provided on the order and confirm the information.

PeC: Do you use third-party fraud detection products?

• FIELD TESTER 7: No.
• FIELD TESTER 8: Yes.
• FIELD TESTER 9: Yahoo and PayPal offer a decent level of fraud detection and protection. We have looked into using some additional security tools such as HackerSafe or VeriSign but have not implemented either.
• FIELD TESTER 10: Only what is offered through our gateway.

PeC: Which one(s)?

• FIELD TESTER 7: N/A
• FIELD TESTER 8: I use Scan Alert Hacker Safe and Verisign SSL.
• FIELD TESTER 9: N/A
• FIELD TESTER 10: N/A

PeC: What advice would you offer to other merchants concerning credit card fraud?

• FIELD TESTER 7: Certain types of merchants are bigger targets for thieves. If you’re one of them, you should be prepared for it, because it will happen. Jewelry and other small, high-ticket items are often targeted.
• FIELD TESTER 8: My advice is to be watchful over customers using multiple credit cards and not wanting delivery of goods going overseas. Ask your customers questions. Make sure they have proper telephone numbers, and don’t just email back and forth if you feel suspicious. Talk to your bank, as they will ultimately pay you the money you have earned.
• FIELD TESTER 9: I would recommend working with well-established companies that can help fight against fraud. Don’;t hesitate to contact customers on questionable cases — they will appreciate you looking out for their security.
• FIELD TESTER 10: If it looks suspicious take the time to investigate. Don’t just think it will never happen to you. It can happen to anyone.