About 5 days ago I added first commercial phpBB style to list of products available on my website and in last 3 days had 2 orders and both seems to be fraud. I'm using 2checkout for payment.
2 days ago I had an order and user was from former Czechoslovakia and he was using proxy provided by same provider and using credit card with US billing address. Today i had one more order for same product, this time client was from Malaysia, used proxy from France and used credit card from NY, USA for name John L. Rodriguez Jr (doesn't sound Malaysian). Thank god i implemented proxy check and log everything on my website.
I canceled both orders.
Am i just unlucky or other people selling templates (vBulletin, IPB or just web templates) getting that much fraud too?
Yep they do. One of our future clients being registered right now is one of the largest website template sellers. It seems to be a problem for all similar businesses with intangible goods.
The chargeback rate is comparable to high-risk online business.
What we're doing right now is integrating an auto telephone verification, where after the payment page the customer will be presented with a box to enter his (her) tel. number and get an auto call back with a PIN code said by an autosecretary and unless the code matches the transaction will not be complete.
While the technology wont be probably a saviour for high risk industries, cause at adult sites for example I hardly can imagine a customer happy about a call-back in industries targeted for sales to other webmasters , like templates or webhostings it might really help because there a firm desicion to make a purchase if someone does it has already happened before and basicly You can afford to use more "brutal" customer fraud checks without suffering a huge impact to sales volume.
Head of Business Development.
World Trade Center , Strawinskylaan 1443, 1077xx,
Amsterdam, The Netherlands.
tel: 0031207940110 , fax: 0031207940120
A lot of people just try to quickly download a template and hope that you do not have a waiting period. There is a lot of "template trading" that goes on - at least from what I have seen. I watch a few hacker forums to keep track of that as well as things to help protect my customers. You would be surprised at what they are doing.
And 5 minutes ago I had one more order from same user who ordered earlier today. And again used stolen credit card. So i added ban feature to my website and banned subnet of that user so instead of website he sees nice message that website is offline.
CyberAlien: Bad idea. The hacker will just find a proxy which You wont be able to notice (dialup proxy for example) and go around Your "ban".
When You notice someone's fraud one of the best options is a dull responce "declined" on a sales page with completely no information why. Let him think his stolen cards are bad and try one after another till he gets tired.
Otherwise he'll keep trying till he will figure out what exactly You use to notice him.
74s3: What plug ? If You refer to our telephone protection, it's gonna be done by the end of next week and will be free for our clients.