Page 1 of 2 12 LastLast
Results 1 to 25 of 26
  1. #1
    Join Date
    Jul 2005
    Location
    Maine, US
    Posts
    521

    What do you do about chargebacks?

    We just had a client order a $200 server with us. Everything went through maxmind and 2checkout fine. So we got this server setup and online. A week later a charge back was issued and the person got $200 back. This is the first time for us having this happen. What does everyone else do about this?

  2. #2
    Join Date
    Oct 2004
    Location
    Ohio
    Posts
    1,668
    First thing I would do would be pull the server. Then I would call the # for the person who ordered it and see whats up.

  3. #3
    Join Date
    Sep 2004
    Posts
    1,007
    I do believe that you can dispute chargebacks... If you show that the client made no attempt to contact you to resolve any issues he had, the chargeback may not be justified on their part.

  4. #4
    Join Date
    Apr 2009
    Location
    New Jersey
    Posts
    367
    Well I hope your going to fight the chargeback, their merchant agreement if they paid with a Visa or Mastercard states that before they file a chargeback they must first contact you for a solution. They are probably going to say that they contacted you so I hope you keep a phone log, ticket/e-mail log as you can provide that as proof.

  5. #5
    Join Date
    Jul 2005
    Location
    Maine, US
    Posts
    521
    [* Sent: Vendor *] ***CHARGEBACK Details PLEASE DO NOT ATTEMPT TO REFUND THIS ORDER **2069711** Reason code 4837/37: No Cardholder Authorization - The Cardholder claims no one authorized to use this card placed this transaction. To resolve this chargeback: Documentation might include a legible, signed sales draft, proof of delivery, proof of positive AVS and/or a matching bill to and ship to address. You have 10 days to submit this information to 2Checkout.com's Disputes Department. After the 10 days challenging is no longer an option. The chargeback would need to be resolved with the cardholder directly. There is a challenge fee of $15 USD to challenge a chargeback. If you have any questions please contact us at chargeback@2co.com.


    Thats what it says in their order on 2checkout. So I am going to give it a shot with some logs and proof and see how it goes. Thanks for the help guys!

  6. #6
    Join Date
    Apr 2009
    Location
    New Jersey
    Posts
    367
    No problem, remember even though they are saying they did not authorize the charge, they still needed to contact you.

  7. #7
    Join Date
    Feb 2004
    Location
    USA
    Posts
    1,572
    Keep us updated, wondering how this will go.

  8. #8
    Quote Originally Posted by Ryan - HostATree View Post
    [* Sent: Vendor *] ***CHARGEBACK Details PLEASE DO NOT ATTEMPT TO REFUND THIS ORDER **2069711** Reason code 4837/37: No Cardholder Authorization - The Cardholder claims no one authorized to use this card placed this transaction.

    Sounds like it could be their card was stolen and someone else used it to signup. If that is the reason they are giving, and you do not have an actual signature from them, there is little recourse that you will end up having.

    Years ago we used to require signed contracts from all our dedicated server clients (then again, hardware was much more expensive then as well). People were annoyed, but it kept fraud to a minimum. Now if we're uncertain of an order, we do sometimes ask people to fax a copy of their card along with an ID.

  9. #9
    Join Date
    Apr 2008
    Location
    Europe
    Posts
    544
    Hi,

    We had similar problems with 2CO.
    An solution for this is as datarealm mentored to ask customer to scan his personal ID and CC.
    // AltusHost - European Web Hosting Provider
    // Dedicated Servers & Managed Hosting that your business can depend on.
    // Multiple Locations: Netherlands | Sweden | Bulgaria | Switzerland
    // Superior 24/7 Technical Support

  10. #10
    Join Date
    Jul 2001
    Location
    Canada
    Posts
    201
    Best to not offer instant service to clients with certain criteria

    - country of sales
    - email address used

    and hold the instant service.

    Than manually handle it:


    - make your ordering system a little bit more intelligent and log the IP of the sales.

    Use the link http://www.networldmap.com/TryIt.htm?GetLocation to check where this IP come from. Please note most of the frauds come from a proxy in USA. An IP in USA does not mean the sale comes from there. But worth to use the IP to check the location of the order.

    - Call the customer at the number they provide and see the number is right or the person answering the phone knows about this order.

    - Check how they found you on the search engines or referral from friend?
    What was the keywords they used to find you.

    It will be very easy to see if this order a legit or fraud after spending 3 minutes based on the information you collected.
    MBT
    SiberName.com is an ICANN/CIRA/Eurid Accredited Registrar. since 2000.

    Canadian Registrar for .CA Domain Names Registrations. Canadian Web Site Hosting Service Provider.

  11. #11
    Join Date
    Nov 2000
    Posts
    374
    Quote Originally Posted by mbulent View Post
    B
    - make your ordering system a little bit more intelligent and log the IP of the sales.

    Use the link http://www.networldmap.com/TryIt.htm?GetLocation to check where this IP come from. Please note most of the frauds come from a proxy in USA. An IP in USA does not mean the sale comes from there. But worth to use the IP to check the location of the order.
    I'm guessing the Maxmind check covered at least these two.

  12. #12
    Join Date
    Nov 2000
    Posts
    374
    Quote Originally Posted by Ryan - HostATree View Post
    There is a challenge fee of $15 USD to challenge a chargeback.
    That sucks!

    You'd think that they'd want and encourage you to provide documentation to prove the order is legit as opposed to charging a fee.

  13. #13
    Join Date
    Aug 2009
    Location
    England
    Posts
    198
    I hope they refund the fee if you are successful.
    Kind Regards
    Christopher Smith

  14. #14
    Join Date
    Apr 2009
    Location
    New Jersey
    Posts
    367
    Quote Originally Posted by cscarlet View Post
    I hope they refund the fee if you are successful.
    They won't because their bank charges them. The only gateway I believe that may refund you that fee is Google Checkout but I am not 100% sure.

  15. #15
    Join Date
    Oct 2006
    Posts
    452
    Do you have proof the customer did authorize the charge? Maybe you should contact them and see if that would be enough.
    Fully customized hosting to your specific needs, no general plans found here!
    'Read before you click I agree' - J

  16. #16
    Join Date
    Jan 2008
    Posts
    51
    No they don't.

    If the person claims that he wasn't the one that purchased and somebody else had stolen his credit card details why he needs (or even knows how) to contact the seller.

    The problem is that it became too easy for the credit card holder not just to deny that he was the one that made the purchase ("wasn't me") but also to charge-back in any other cases (i.e. on the claim that the goods/services weren't received).

    We are having a huge increase in such clients from Turkey right now.

    Quote Originally Posted by GigeWeb View Post
    No problem, remember even though they are saying they did not authorize the charge, they still needed to contact you.

  17. #17
    Join Date
    Sep 2008
    Location
    Melbourne
    Posts
    405
    We used to have this a lot. We only use PayPal, and only accept payments from verified accounts. Also make sure to use something like MaxMind.

  18. #18
    Join Date
    Jan 2003
    Location
    Chicago, IL
    Posts
    6,957
    Quote Originally Posted by AHN-Andrew View Post
    We used to have this a lot. We only use PayPal, and only accept payments from verified accounts. Also make sure to use something like MaxMind.
    Verified accounts are just as likely to be phished as non-Verified accounts.

    I still don't get why PayPal seems to care so little about the phishing of their accounts...
    Karl Zimmerman - Founder & CEO of Steadfast
    VMware Virtual Data Center Platform

    karl @ steadfast.net - Sales/Support: 312-602-2689
    Cloud Hosting, Managed Dedicated Servers, Chicago Colocation, and New Jersey Colocation

  19. #19
    Join Date
    Jan 2008
    Posts
    51
    For PayPal to care they must loose from it (financially).

    As I see it PayPal doesn't really looses anything from phished accounts, if any it gets - as it's income is generated from moving the funds from one account to another.

    To greatly increase the security of the PayPal today they have to supply to the customers with SmartCard based devices, and even these may be not effective in all cases.

    Ironically, actively promoting these devices may have a negative psychological effect and hurt both the image and the business of the PayPal, and that is why I believe they don't do this - as PayPal was raised as a secure alternative to paying by credit card, and if it's really not so secure why to use it in the first place?

    For people that understand the matter it would actually make PayPal a more attractive, but it can scare away those who have no understanding, and these are both most of the customers and most of those that fall into phishing scams.

    It brings us to another important point, and it's that there is really no way around good customer education about the security issues to prevent the scams.

    Quote Originally Posted by KarlZimmer View Post
    Verified accounts are just as likely to be phished as non-Verified accounts.

    I still don't get why PayPal seems to care so little about the phishing of their accounts...

  20. #20
    Join Date
    Jan 2003
    Location
    Chicago, IL
    Posts
    6,957
    Quote Originally Posted by lprise View Post
    For PayPal to care they must loose from it (financially).

    As I see it PayPal doesn't really looses anything from phished accounts, if any it gets - as it's income is generated from moving the funds from one account to another.

    To greatly increase the security of the PayPal today they have to supply to the customers with SmartCard based devices, and even these may be not effective in all cases.

    Ironically, actively promoting these devices may have a negative psychological effect and hurt both the image and the business of the PayPal, and that is why I believe they don't do this - as PayPal was raised as a secure alternative to paying by credit card, and if it's really not so secure why to use it in the first place?

    For people that understand the matter it would actually make PayPal a more attractive, but it can scare away those who have no understanding, and these are both most of the customers and most of those that fall into phishing scams.

    It brings us to another important point, and it's that there is really no way around good customer education about the security issues to prevent the scams.
    PayPal currently has the tools needed to completely eliminate account phishing. They make these methods available for purchase, but do not advertise this fact, thus are failing on the education front as well. You can purchase the physical key generation devices, but I don't get why they don't just give them away, or at least have a system to verify one was used to make a payment, etc. I encourage EVERYONE with a PayPal account to spend the $5 for the key device to protect your accounts.

    World of Warcraft does a better job promoting these devices and that is for a GAME!
    Karl Zimmerman - Founder & CEO of Steadfast
    VMware Virtual Data Center Platform

    karl @ steadfast.net - Sales/Support: 312-602-2689
    Cloud Hosting, Managed Dedicated Servers, Chicago Colocation, and New Jersey Colocation

  21. #21
    For those that care, paypal now has two hardware dependent ways of authentication. One is the hardware fob, and the second is one time pin's sent to your SMS device.

    The next step would be for the postback information to include the method of authentication so that the vendor would refuse anything that is not authenticated using these methods. Howver, that is unlikely to happen because the vendor would have to refuse too many sales to make this workable, it would inconvenience cutomers too much, and it would be a support nightmare.

    But, at least you are free to protect your own account this way.

    In any case, contesting chargebacks with third party payment processeors like 2CO is a complete waste of time. It seems to be more of an additional revenue stream to them than a service to help their clients.
    Last edited by plumsauce; 10-18-2009 at 12:34 AM.
    edgedirector.com
    managed dns global failover and load balance (gslb)
    exactstate.com
    uptime report for webhostingtalk.com

  22. #22
    Join Date
    Jan 2008
    Posts
    51
    It's seems that you hadn't read carefully what I said.
    I think that I clearly explained why I think they won't do this.

    Unless required by law they won't bite themselves... twice.

    Quote Originally Posted by KarlZimmer View Post
    PayPal currently has the tools needed to completely eliminate account phishing. They make these methods available for purchase, but do not advertise this fact, thus are failing on the education front as well. You can purchase the physical key generation devices, but I don't get why they don't just give them away, or at least have a system to verify one was used to make a payment, etc. I encourage EVERYONE with a PayPal account to spend the $5 for the key device to protect your accounts.

    World of Warcraft does a better job promoting these devices and that is for a GAME!

  23. #23
    Join Date
    Aug 2009
    Location
    England
    Posts
    198
    Quote Originally Posted by KarlZimmer View Post
    PayPal currently has the tools needed to completely eliminate account phishing. They make these methods available for purchase, but do not advertise this fact, thus are failing on the education front as well. You can purchase the physical key generation devices, but I don't get why they don't just give them away, or at least have a system to verify one was used to make a payment, etc. I encourage EVERYONE with a PayPal account to spend the $5 for the key device to protect your accounts.

    World of Warcraft does a better job promoting these devices and that is for a GAME!
    I never knew that, definatly getting one for my own account then
    Kind Regards
    Christopher Smith

  24. #24
    Join Date
    Jan 2008
    Posts
    51
    That's right, for the reasons mentioned they don't advertise it and you really need to search hard to find any info about this.

    Even their help and security guides don't mention these keys on the main pages and you have to search for it (which is a bit hard without knowing they have any).

    BTW these are OTP keys, not SmartCard based devices which are more secure, but a bit more complicated to use.

    Quote Originally Posted by cscarlet View Post
    I never knew that, definatly getting one for my own account then
    Last edited by lprise; 10-18-2009 at 04:35 AM.

  25. #25
    Join Date
    Jan 2008
    Location
    Portugal
    Posts
    1,021
    Quote Originally Posted by lprise View Post
    That's right, for the reasons mentioned they don't advertise it and you really need to search hard to find any info about this.

    Even their help and security guides don't mention these keys on the main pages and you have to search for it (which is a bit hard without knowing they have any).

    BTW these are OTP keys, not SmartCard based devices which are more secure, but a bit more complicated to use.
    https://www.paypal.com/pt/cgi-bin/we...r-security-key
    https://www.paypal.com/pt/cgi-bin/we.../PPSecurityKey


    That, security keys.

    However it says it is unavailable right now when I try to order it.


    P.S: Its free to business accounts.
    Senior System Administrator / DevOp - LinkedIn / MailChannels Director of Sales, Europe
    MyW - Shared/Reseller Hosting & Server Management (cPanel/DA/Virtualization Servers)

Page 1 of 2 12 LastLast

Similar Threads

  1. Chargebacks in TOS
    By broncorobert in forum Web Hosting
    Replies: 3
    Last Post: 10-09-2006, 09:17 AM
  2. A way around chargebacks?
    By Philipf in forum Ecommerce Hosting & Discussion
    Replies: 9
    Last Post: 05-11-2004, 02:15 AM
  3. Chargebacks
    By fewcoin in forum Web Hosting Lounge
    Replies: 1
    Last Post: 09-26-2003, 12:03 PM
  4. chargebacks
    By apastor in forum Running a Web Hosting Business
    Replies: 3
    Last Post: 04-21-2003, 05:24 PM
  5. Chargebacks
    By Lirath in forum Running a Web Hosting Business
    Replies: 24
    Last Post: 11-30-2002, 06:03 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •