January 19, 2010

Credit Card Fraud: How to Protect Your Business


Hostway Team

By Janet Attard

More people than ever are shopping online, using their credit cards to buy everything from business and consumer products and services.

That's great news for small and big ecommerce sites alike. More people using their credit cards to buy more gifts, should mean more profits for most online businesses if they aren't victims of credit card fraud.

Credit card fraud, unfortunately, can quickly turn a prosperous holiday season into a nightmare for a small business. The owner of a small mail order business located in California had to borrow from friends and family to make good on $14,000 worth of fraudulent charges made on stolen cards one year. The following year, the owner implemented procedures to screen out possible fraudulent orders and refused to ship $25,000 in orders that seemed suspicious.

Spotting fraudulent orders

Fortunately, if you sell online or over the telephone there are a number of steps you can take to minimize the occurrence of fraud.

First and foremost, be on the look out for suspicious sales. These include:

  • Unusually large orders placed through the Internet without any contact from the customer.
  • Rush orders for large quantities or high-priced goods. Crooks may ask to have an order shipped overnight so they know exactly what day the order will arrive and they can be waiting to pick it up.
  • Missing information, or information the customer refuses to give such as a day-time phone number.
  • Orders that are shipped to a different address than the billing address.
  • Orders from foreign countries.
  • Orders on US cards shipped to foreign countries.
  • Billing addresses that don't match the information on file with the credit card company.

By themselves, no one of these things are a sure sign that a credit card is stolen, but when several factors are present (say, your average ticket amount is $75 and you see an rush order for $5,000 being shipped to a different address than the address of the credit card holder) it's prudent to be suspicious and investigate the sale.

Even if there's only one factor that doesn't pass your "sniff" test, it's useful to err on the cautious side. As an example, not long ago, someone using a credit card with US address purchased a product from us and wanted it shipped to someone by a different name in another country. The particular product was one that wouldn't be a lot of use to anyone in the country it was being shipped to, so we called the credit card holder to verify the shipping address. The credit card holder hadn't made the purchase. Neither had anyone else authorized to use the card. The card and the cardholder's contact information had been stolen.

What should I do if an order does sound suspicious?

Under any of the above circumstances you should be particularly cautious and do everything possible to ascertain the person ordering the merchandise is actually the cardholder, or an authorized representative of the cardholder.

These tips, though not infallible, may help you decide if an order is legitimate:

  • Get the complete name, address, ZIP code and phone number for the cardholder.
  • Require customers to enter the 3-digit card code number from the back of their credit card.
  • Verify that the billing address of the card holder is correct. Then, verify the information you are given by calling the merchant bank or using whatever other address verification system is in place through the ISO that processes your charges. If the address you were given doesn't match the address of the cardholder, don't ship.
  • Implement a fraud detection service that blocks suspicious transactions based on where they originate, or other factors. (Online credit card processing gateways such as Authorizenet have these available for a fee.)
  • Use address an address verification service (AVS) to block sales when the billing address entered online doesn't exactly match the billing information on record for the cardholder.
  • If a sale looks suspicious, find an excuse to call the customer back, using the phone number he or she gave you, and ask to speak to the cardholder. If you can't reach the cardholder, don't ship the merchandise. People who use stolen credit cards don't give out their real phone numbers.
  • Look up the address and phone number of any local orders in the phone book.
  • Send a reminder letter to people when you ship an item telling them the item has been shipped and when they can expect it to appear on their bill. This type of letter can reduce complaints and chargebacks from people who simply forget what they ordered or from whom.

NOTE: Don't automatically discredit an order that looks suspicious. I once had someone place an order and ask that it be shipped to Mickey Mouse. The address verification feature on Authorize.net didn't find any problems with the address. My order form includes a place for an e-mail address, and the person had included their e-mail address, so I sent them a note to ask about the order. The individual, who had used his real credit card data and real address for shipping had used the name Mickey Mouse, because he was afraid to use his real name on the Internet.

About the Author

Janet Attard is the founder and CEO of www.BusinessKnowHow.com , a popular small business Web site that provides ideas and strategies for growing a business and making it profitable. The site attracts 3 million visitors a year, contains thousands of free articles about sales, marketing, internet marketing, business finance, ecommerce and all phases of starting and growing small and home businesses. Janet is a small and home business expert and has authored several books for business owners and startups. Visit Business Know-How and sign up for their free newsletter at www.BusinessKnowHow.com.

Stay in the Loop

Join Our Newsletter

Stay ahead of the pack with the latest news, web design advice, and digital insights, delivered straight to your inbox.
This field is for validation purposes and should be left unchanged.
© Copyright 2021 Hostway. All rights reserved.