Web Hosting Talk : Web Hosting Main Forums : Web Hosting : Credit Card scams

Id love to know what other hosts do regarding when they have been the victim of an account using a stolen credit card.

[Greg]

I am also getting screwed right now.


I have an account with InternetSecure...I've had it for years, but lately i've had people buying my CGI scripts, then going to their bank and saying they didn't buy anything, and the bank refunds then from my account plus charges me another $25.


It's not quite the same as your problem, but it is similar in the sense that the credit card holder is saying they didn't purchase anything, and i am getting screwed.


I have inquired how i can combat the fraud, and here are some of the responses my merchant account sent me:


For any fraudulent use suspected we have two systems in place in the new
system, see below.

1. AVS (address verification system) which checks the information given on
the internet form and checks it against the card holders information on
their statement through the banks. Not all banks use this, but the ones
that do, if the address does not match it will Voided.
2. Filtering, which can filter out information that leads us to believe
that there might be fraudulent use involved. (i.e.: e-mail addresses,
countries, IP addresses and credit card numbers)

Should you feel after contacting this customer that the person might be
fraudulent, you should either stop taking orders from them or contact
support@internetsecure.com and have that person blocked out or contact
Jackie.

In the banking world, Business on the Internet is called "card not present"
or "non-face to face transaction." These are treated in a similar manner to
Mail Order. The basis rules of any credit card transaction are that if the
customer is present, if the card is swiped (reading the card number off the
magnetic card swipe), if the signature is checked with what appears on the
back of the credit card then, and only then, the merchant can be assured of
being paid.

Some credit card issuers have different procedures from their competitors.
When a credit card holder lodges a complaint with a credit card company, and
if that transaction has been processed on the internet, some will:

1. Automatically reimburse the cardholder and charge the transaction back to
the merchant, which is called a Chargeback.
2. Ask for more information before making a decision, which is called a
Clear Copy Request. This process is one that is used by those who ask for
more information. Before issuing a chargeback they will ask for more
information regarding the sale in question. If the merchant has provided
clear evidence that the cardholder likely processed the transaction (i.e..
courier slips signed by the card holder or a type of form or receipt signed
by the card holder authorizing the sale) , then they will consider this in
whether or not to side in favor of the merchant. If they do not, and side
with the card holder, then a chargeback will be issued to the merchant.

In the merchant agreement, we do state the risks before signing up to become
a merchant: "Merchant shall indemnify and hold harmless IS, its employees,
officers, agents and directors, from all claims, expenses, and losses
occurring for any reason in connection with IS's sales of Approved products
to Customers specifically including, Customers refunds and / or returns and
chargebacks."

"Under the merchant agreements with Visa/MasterCard/Amex they do not
guarantee non-face to face credit card transactions, even though the
original transaction was approved. They only guarantee the transaction if
the merchant saw the card and has a signature from a credit card receipt.
These are the rules, but Internetsecure will forward any correspondence from
the merchant in these cases."

Bottom line is every time you take a transaction there is a risk - you have
to make the business decision of whether it is worth it or not. Any
business has been involved with some bad dept expense - perhaps it might
help to think of your chargebacks as bad dept. Checking your sales on a
daily basis for anything that looks odd or is missing proper information,
through the merchant area under "Transaction Query" is a good habit to get
into!

[scottlaw]

Greg,

We have experienced the same problems with people legitimately buying our products or services and then charging back. What we do now is include language in our contract that states if they chargeback we will charge a extra $75.00 collection fee in addition to the original fee. We also turn them over to our collection agency if we believe they purchased the product and did a chargeback in bad faith. Since we started this, our chargebacks have dropped to basically 0. I wish more online merchants would do this... I know a lot of us merchants are getting rolled by customers pulling this scam because online merchants let them get away with this. We are also working on prosecuting these individuals.

Thanks,
Scott

Scott:

Who do you use for you collections. We have customers who use the services and then they decide 6 months down the road to close the account and do a chargeback becuase the internet business world isnt for them, they claim they didnt get the service or because the site was down for like an hour they say they didnt get the service they paid for, one jerk even told me "I" broke my own terms of service, I told him to point it out, dumb moron wanted a refund for six months because we had a router problem for like 3 hours. In 6 months his server NEVER went down.

Greg:

But what does charging $75 solve? They will just fight it again and you will loose (again).

[MikeA]

What we do to help stop stolen credit cards is to have two seperate information sections. One is to register the site and the other is for the credit card. If we feel that the card is stolen or anything feels "hinke", then we call the number listed. It's much cheaper to pay .50 cents in long distance charges than to get hit with a $25.00 chargeback fee.

Another sure fire way to check for stolen cards is if the customer wants your highest account for 1+ years. On these we ALWAYS call the credit card phone number listed.

To date, knock on wood, we've only had one stolen card used and that was an overseas client.

------------------
Mike Astin
WebAuthorities
http://www.webauthorities.com

[This message has been edited by MikeA (edited 07-20-2000).]

Im on alert when I see they:

A: want to register a new site
B: The admin info is out of the states and the CC info is from the states
C: they want to DELUXE package

So you call the CC company when it looks funny. Interesting.

Ive thought about requesting a photocopy of the persons drivers license be faxed over, but if the CC was stolen from a wallet they may have that also.

[MikeA]

No, I don't call the credit card company, I call the person's phone number that they fill in on the order form. When the person says, "what are you talking about, I never ordered any web stuff", well then you know you have a fake card.

Call them. Trust me, it works.


------------------
Mike Astin
WebAuthorities
http://www.webauthorities.com

[PhUnB0i]

Recently, I've also seen a number of bad cards/charge backs. I think it's best that in any event a fee goes over a specified amount ( I use the $50.00 mark) to call the company or card owner and verify the charge. I'm kind of tired about these attitudes of "the customer is always right"... when in fact the majority of the time, they're looking to get out of a bill. In addition, though I allow registrations for up to 10 years, I don't offer any more than 2 on my site... so if you DO get burned, you're not eating the registration fee for 10 years... AND, I state a disclaimer that if a charge for a domain is made in bad faith, that the domain becomes property of my company and will be sold to the highest bidder. So far, I've only had ONE major charge back ($400) ... and that's where I wised up. Other than that, if you open yourself to automation, you open yourself to the charge back factor. Honestly, I try to do business with other resellers only... so there is a vested interest in the domain/package/etc... and a reseller is a LOT less likely to go and charge back when they have clients at stake.

And for those who mentioned collection agencies, I'm curious as to who you all are using.

Thanks!

------------------
If you're looking for
competitve hosting,
give us a look!