RE: [uk-netmarketing] Re: Offline Verification of Credit Cards

[Robin Edwards]

Definitely great stuff if you can make it apply to you.


Obviously this is a big problem for merchants trying to ship goods for next

day delivery. I wonder if they are hit by a higher percentage of fraudulent

transactions as a result? Also, the high volume guys, such as Amazon, would

find it very difficult to manually check every name, address and phone

number against the electoral register. I know they use fraud screening

services, such as Cybersource, but can that validate name against address

and telephone number automatically?


Anyone got any figures on how big a problem CC fraud is in the UK for

various sectors?



--

Robin Edwards

Clockworx

T: +44 1543 252370           F: +44 1543 420761

E: robin@clockworx.co.uk   W: http://www.clockworx.com/ W2:

http://www.shopworx.net/


> -----Original Message-----

> From: Ben Thompson [mailto:ben@babyhippo.com]

> Sent: 09 February 2001 21:05

> To: uk-netmarketing from chinwag

> Subject: [uk-netmarketing] Re: Offline Verification of Credit Cards

>

>

> From a conversation with the Visa's Fraud section circa 1997.

>

> 1) Check everything, trust no-one.

> 2) Leave the authorisation of each transaction to as later as

> possible. If possible only authorise just prior to the goods

> being despatched. Note we are talking about authorisation not capture.

> 3) Delay everything. 96 hour delivery rather than 72 hours won't

> really upset anyone but gives more time for the card to be

> reported stolen.

> 4) Validate addresses. Check the postcode to the address and

> ensure it matches. Check the house number against the list of

> valid numbers for that postcode.

> 5) Validate the name with the address.

> 5b) If it doesn't match give them a ring (try between 7 and 8

> rather than during the day). Use a prepared script (it makes

> things easier).

> 6) Compare Credit Card numbers with the ones you already have. If

> you've already seen the card don't accept it (unless the email

> address and postcode match). (You can do this without storing the

> actual credit card details, we do it all the time).

> 7) There are various tricks you can do with credit cards. I'm not

> going into those here (and to be honest, I don't think I'm

> allowed to anyway).

> 8) Above all else apply commonsense.

>

> Finally, remember it may take 3 months for a stolen card to be

> noticed and 9 months for you to be told (holders have upto 6

> months to initiate chargebacks, banks 3 months to pass that

> information the merchant). Just because someone has already made

> 2 purchases in the past month doesn't mean that the card isn't

> dodgy. It may just mean that no statement has appeared yet.

>

> Hope that helps and if you need anything more I'll happily have a

> look and see what else can be done.

>

> Ben Thompson