My hosting company is getting plagued by credit card fraud. It is becoming an administrative nightmare and now are bank is starting to get a little edgie about it.... anyone out there using a fraud patrol program or have any good advice for how to cut this out. We already block dodgie cards, emails that have tried before and have a limit to the number of attempts with different cards - but this isn't enough though.... Help?

Well, for what its worth, your not alone. In the past 2 days I've had 4 fraud attempts. Right now I'm trying to think of what can be done to assist in determing and deterring fraud. I'm open to ideas though as this seems to be an ever increasing problem

this is daily routin work sechdule :D

it put me in deep thinking if don't get any fradulant order for a week. :D

actually you can not do much in this regards. All you can do is hire some professional large credit card processing company because they maintain there own negative credit card database. so once, any of there customer is hit by the fradulant credit card, next time credit card is automatically declined. examples are ibill.com and worldpay.com. In this way you will get some protection. Also worldpay offer some kine of gurantee on payment. for more details look at there web site www.worldpay.com.

cheerss. ;)

At one stage we were thinking of using address verification - but I believe some banks and International cards don't use this so that was out. Then our bank through out the V number verification - that is the authorisation number written on the signature space on the card - again we were stumped cos International cards and certain banks don't use this!

Anyone using the fraud patrol software with CyberCash or Verisign?? These companies will rate the level of fraud possibility on a card based on the amount of info you give them - they have access to large databases that enable them to establish it here is something funking going on- lots of charges in the last couple of days etc - the problem with this is you need to supply lots of info on the client which means adding more sign up fields on our online application form - we don't want the sign up process to be to laborious...........who knows.:confused:

Originally posted by mahinder
this is daily routin work sechdule :D

it put me in deep thinking if don't get any fradulant order for a week. :D

actually you can not do much in this regards. All you can do is hire some professional large credit card processing company because they maintain there own negative credit card database. so once, any of there customer is hit by the fradulant credit card, next time credit card is automatically declined. examples are ibill.com and worldpay.com. In this way you will get some protection. Also worldpay offer some kine of gurantee on payment. for more details look at there web site www.worldpay.com.

cheerss. ;)


I think revecom does that but you cant use your own merchant acct.

I have found it useful recently, due to an increasingly large number of fraudulent orders, to record the IP address of every order and to have a human look carefully at every order before charging the card. We catch 49 out of 50 fraudulent orders and those we don't catch are due to the person making the request either having 100% accurate information that looks completely normal or just using their own card and then denying the charges because they were a spammer who just wanted an account for a day to send out spam.

We keep the IP addresses in a database and compare new orders against the database--this highlights some problem account requests instantly from repeat offenders.

Our primary rule of thumb is, if there is even a shadow of a doubt, pick up the phone--a $0.50 phone call can save $10+ in chargeback fees and the hassle of the bank being ticked off. It does increase the cost of acquisition on an account, but experience has shown that it is worth it in the long run.

--Erika Stokes

A call saved me 20,000

I'm in the process of getting screwed right now. This guy signs up and uses the service for 7 months and now he says that it's not him.
I know it's him, I've provided email and phone support to him. He uploaded the files and everything. I have phone records with his phone number on it but I know since I don't have a signed reciept, the credit card company will give him his money back with basicly no questions ask.




:angry:

Bugster - that is the hardest part is you don't really have a leg to stand on - if the client chooses to charge back you really can't contest it. What I would do with your client is just refund him the fees - you save yourself on charge back fees at least.

Does anyone know of a company that we could report a risky or fraudulent card to - it would be great if we could just log the cc number with someone to prevent them from doing this again? that way we would at least have scare tactics on our side?? Threaten them with a black listing?? - too good to be true I am sure!

My companies problem is that we have automatic sign up - these fraudulent cards are getting through and only later are we able to suspend account etc - but we loose money on the charge backs later as well as the domain name registration fees that are already charged by our domain name reseller.

I will check out the ibill.com and worldplay.com to see if that will help us.

Thanks all for input
Debi

Originally posted by Bugster7947
I'm in the process of getting screwed right now. This guy signs up and uses the service for 7 months and now he says that it's not him.
I know it's him, I've provided email and phone support to him. He uploaded the files and everything. I have phone records with his phone number on it but I know since I don't have a signed reciept, the credit card company will give him his money back with basicly no questions ask.




:angry:

I would look into switching banks. If he signed up, used, and now said he never did use the service, keep all logs and phone records on him and when the credit card company sends you the letter that he is doing a charge back send it all to them and if it is true they will give you the money.

It works like that with our bank...

Customers never get the charge backs once they do use the service and if they do it is not the full amount.

It got to a point where we stopped auto sign up.
It is now to the point where we check the name and info that they used, email address must be from an ISP (no yahoo/hotmail), address must match or I call their bank. Also common sense...

-If the client puts one name on the account, and another on the credit card... it is a little flag.
-If the client uses and address from Indiana and their ISP is nyc.rr.com (NY Roadrunner) I get suspicious.

It is a battle out there. I don't know why these guys sit there all day signing up for accounts... half the time I get a chargeback the account wasn't used at all. I even have a few guys out there that sign up every day or so for an account even though I delete it and never send their hosting info to them.

Fight fire with fire, screen those accounts and eventually you may be known as a host not to bother trying to fraud until then. It's either that or take paper instead of plastic and go out of business.
;)

Regards
AH