I'm wondering, if someone buys my goods from my store with stolen credit cards and I ship the goods out before the real owners find out and get a chargeback, what happens to me? Will I get reimbursed as a business or do I just have to write it off as a loss?

You lose the money and the goods. That is, the stolen credit cards will be charged back to you, so you don't get the money, and you've lost the goods as you've already shipped them.

There are some simple common-sense ways to minimize these risks. Call everyone on the phone to verify them. Get their details verified with the credit card company if it's a really big order. If it's a really big order, make them fax the card to you with a signature and a note authorizing the purchase. Get them to pay some other way that isn't refundable. Don't ship goods to Nigeria or any other "high risk" place. Wait about a week before shipping to verify that it doesn't get charged back.

If you're shipping physical goods it's vital you get familiar with how to verify orders and keep yourself safe.

Is there any steps for me to report this kind of behavior or is that all the credit card companies thing?

...Wait about a week before shipping to verify that it doesn't get charged back...

This will violate many TOS with service providers, and may in fact violate VISA/MC terms themselves. With my provider, charge and shipment must occur at the same time. If you charge, but don't ship for a week, you actually risk a chargeback if the consumer finds out and doesn't like the practice.

Use proper fraud scanning at the time of signup. This will tell you if the card is a risk or not. If it's above risk factor X, don't accept it.

Utilizing proper scanning is important, and will definitely help cut down the fraud from this.

This will violate many TOS with service providers, and may in fact violate VISA/MC terms themselves. With my provider, charge and shipment must occur at the same time. If you charge, but don't ship for a week, you actually risk a chargeback if the consumer finds out and doesn't like the practice.

How does this work for online merchants? I am pretty sure that when I place my order Friday night, my card is charged immediately but with all best intentions their warehouse will only start processing the following monday?

We use 3D Secure from Visa and Mastercard.

Basically the customer has to provide additional information during the transaction, including a preset password they have decided on directly with their bank and their DoB. The bank verifies this in real time and uses it as a deciding factor on whether to authorise the transaction or not.

All UK banks are now part of this scheme, I am unsure if any US banks have implemented this yet? I would assume so as it's a global scheme.

It does mean however that if the customer successfully answers the additional questions and provides the correct password during the order process, the liability if fraud has occurred is passed from you to your bank so you are guaranteed the funds regardless.

We use Royal Bank of Scotland and protx.com. You should ask your provider if they are able to enable this on your account. We have found the system to be very effective in cutting down fraud.

You may also wish to use a BIN gateway to lookup card issuer info. There are several companies providing this gateway online.

You can then ask your customers the name of the bank who issued the card during the check out process, this seems very simple, but most criminals have received the card details only, they have no idea what the card looked like or indeed which bank issued the card.

I would also agree with Brianoz about not shipping to high risk countries and phoning customers to verify on orders over a specific value.

Basically, don't rely on default fraud prevention techniques used by your payment processor, chances are they will only be doing the most basic techniques required because of pressure from the banks.

I hope this helps :)

Ben.

I am unsure if any US banks have implemented this yet?

I have heard of this being done in the US, other companies like Paypal now have key fobs that generate a new pass every X seconds as well. I wish I had one of those for my bank accounts!!

does anyone know why chargebacks are such a problem with online purchases. I have even been affected.

Credit cards have been in use for a long time-- and there should be a lot of lessons learned. what is causing all of this?

I agree.

The banks are always on the side of the consumer, never the merchant. It's also too easy to request a chargeback, with most card issuers it simply requires a phone call requesting one, no other information is asked for.

I understand many chargeback cases are genuine, stolen card details etc, but also in many cases its the customer simply lieing to their bank (certainly with digital products, e.g. online game points and adult sites where product delivery cannot be proven to an extent where the bank would accept it).

I think the banks need to rethink their procedures and actually investigate each case before taking any action. Although I doubt this will ever happen.

Although there are companies offering "Chargeback Insurance" now, at least in Europe, again I'm unsure about the US. Could be an option.

As you say, lessons should have been learned by now :)

Ben.

How does this work for online merchants? I am pretty sure that when I place my order Friday night, my card is charged immediately but with all best intentions their warehouse will only start processing the following monday?


No... your card is not charged immediately. There may be an "authorization" run through to validate the card and put a hold on the funds, but the card is not technically charged until the order ships.

This is why when you order three items from an online vendor, and they ship it in separate shipments (either from different locations, or on different dates), you'll see a charge on your statement for each separate shipment.

Chargebacks are definitely a source of frustration for virtually all online merchants. One thing that I do think is often NOT well understood is that you, as a merchant, DO have the right to attempt a "representment" if you get a chargeback that you feel is unfair.

While some merchant processors do not spend much time educating their merchants about this, I definitely recommend it to everyone to do in the event that you have a chargeback that isn't the result of a stolen card or outright fraud.

With a representment, you can submit your side of the situation back to the issuing bank along with proof of the transaction. The more documentation you have, the better. For instance, if you have a matching CVV, AVS and/or e-mails from the cardholder, this can all assist you with potentially reversing the chargeback.

Another powerful tool in the arsenal is Verified by Visa/MasterCard SecureCode, mentioned by another forum member above in this thread. By using VBV/MSC, you can literally block more than 60% of the most common chargeback reason codes from ever hitting your account AND even for recurring transactions, you can have substantially increased protection if you submit a representment showing that you had a positive authentication match on the first transaction.

Other tools that you can use include phone verifications - whether manual or automated - and looking at things like the IP address on the sale and comparing it to what was specified as the customer address.

These systems are definitely worth the small investment in time to setup and can really provide substantially increased protection against chargebacks and fraud losses on the merchant level.