It seems like this year credit card testing is so very abundant. Merchants needs to be aware and cautious. Let’s look at this issue and see what it is and what we can do to be protected.
Credit card numbers fall in to the hands of “villains” in many different ways. Sometimes the person has a bunch of information, sometimes very little. We all know there are things you need to use your credit card online (not present). So, the process for testing credit cards is essential for these criminals. But, there are things you can do to help protect yourself from headaches, charge backs and lost revenue.
1. If you have a bunch of new accounts on your site from the same person or email address, look closely at them. If you determine they are fraud then turn off that email. Many times this is a bot and making that email address not work can disrupt them…. Make your website difficult for hackers ALWAYS thwart their advance.
2. Be aware and look for spikes in the number of declined credit cards from the networks. Testing yields a bunch of declines for various reasons.
3. Fraud protection is a very necessary thing. Make sure you have things like these at a bare minimum setup in your fraud detection software:
- Block multiple attempts from the same IP address. I generally believe that 3 times is sufficient, if it’s a real customer, they’ll probably call.
- Make sure you are asking for the CVV2 number.
- Block transactions from one country delivered to another and fully block any countries you don’t ship to.
- Make sure you have setup AVS filters…. These can be a bit daunting, but read each one and decide if your customers would innocently trigger it.
4. Investigate every order when the bill to and ship to address are different. This sounds like a hassle, but charge backs generally cost you the merchandise and a $50 fee for the pleasure of being duped. We have found customers were glad we were checking and appreciated our effort.
5. Look for orders from the same IP with different billing, shipping etc.
6. It’s okay to call any customer if the order is large, “sketchy” or even if you are worried because they have a free email address like gmail or similar. YOU have every right to try to protect yourself and your customers.
7. “BLING” We know that customers are comforted by our boasting about security and protections for them, but fraudsters are put off by it! Bonus, these items also help your search ranks with Google, Bing etc.
It’s scary out there and I know we can’t catch them all…. But let’s be a pain in the hacker’s a$$ this holiday season!