I was recently hired as a manager for a fairly large hosting company (1,000+ clients) that was really in the deep end.

I've sucessfully brought them back to a little bit below average, but I'm working to make them quite good, but I'm running into quite a problem.

The owner of the company says we can't do instant activation due to fraud. I know there has to be a way to avoid fraud, and still allow the accounts to get instantly activated and created, without people having to deal with it.

We have a ModernBill license, and a membership to Autorize.net, so what should we do?

I'd really like it if someone could provide me with this information, because it'll certainly help me, and probably a lot of other people.

If your goal is to minimize fraud while also having instant (or nearly instant activations), I'd recommend implementing a solution like FraudGate.com or another equivalent service.

These services do a live phone call back to the customer at their phone # and prompt them to enter in the PIN# or invoice# that was provided at the time of sale.

Thus, it "validates" that they were indeed present and reachable at the specified phone #. Most fraudsters will never give out a phone # that they can be reached at for obvious reasons... they do not want anything to trace back to them.

In addition, FraudGate will run a fraud score based on the user's IP address and a number of other variables in a manner much akin to MaxMind's service.

But for your intended application - I'd definitely recommend proceeding in a direction like the one outlined above as a way to prevent yourself from getting hammered by fraudulent orders.

You may also want to implement the Authorize.Net Fraud Detection Suite (FDS) to help block it if someone attempts to test cards numerous times while incurring authorization expenses to you as the merchant on each attempt.

Lastly, you'll want to also make sure that you require a full AVS match (for U.S./U.K.) and full CVV match on every signup as well... this can be configured on the Authorize.Net side under the config area.

I agree with Chris. Implementing fraud scrubbers will certainly help reduce (not eliminate) the risk of fraudsters.

I would recommend using FraudGuardian in conjuction with MB. It is a cheap method of fraud verification. If you want to add a second layer, you could also use Varilogix call verification system.