There is a lot of rhetoric about keeping consumers safe online, preventing identity theft, preventing credit card fraud, etc. But what about businesses? Few people other than merchants realize that when there is credit card fraud, the business is the one who has to “eat it”. The consumer is protected by government regulation and by the bank, but the merchant is out the amount of the transaction plus fined between $10 and $35 in “chargeback” fees.
The reality is, when it comes down to a dispute, the banks will side with the consumer 90% of the time, even in the case of return disputes, defective products, etc.
As merchants, we must be proactive and take steps to mitigate risk and make it hard for crooks to rip us off.
Risk Warning Signs:
- The billing address and shipping address do not match
- The billing address and shipping address are in different states or countries
- The customer requests overnight shipping
- The phone number area code is in a different city than the billing or shipping address
Of course none of these things necessarily mean fraud. For example, I used my American credit card, with American merchants, to ship to an American address when I was living in Vietnam. And I overnight things all the time when we need something in a hurry. But, in general, these things increase the risk of the transaction.
Accept Credit Cards Online
I personally use and recommend CDG Commerce and/or Quantum Gateway. Not only do they have some of the best rates of any merchant (compared to a base rate of $75 per month for Authorize.net), but they give their customers tons of FREE tools to protect themselves from fraud. At Phi 9 we have rules setup within our merchant account to calculate the risk of every transaction.
So far, we have avoided all fraudulent transactions. And we hope to keep it that way.
As an online merchant, there is a fine line between too much security and too much risk. Too much security will deny legitimate transactions and too little will cause fraud and/or chargebacks.
Based upon the risk score, we do one of three things:
- Risk under a certain threshold is automatically approved.
- Moderate risk will trigger a verification phone call – this verification phone call requires the purchaser to verify their identity and receive a confirmation code to complete the transaction
- Very high risk is automatically declined and the customer is advised to use a different payment method such as Paypal
Verification phone calls cost us $0.25 each and the odds are that a “crook” isn’t going to bother verifying their identity on a phone system. Even if they attempt, most likely the system will decline them. Considering the price of JUST a chargeback is $25 (not including the amount of the fraudulent transaction), paying $0.25 for this added security is great value.
