Results 1 to 18 of 18
  1. #1

    Domain registration and charge back

    Hello,
    customer comes to my website and register a domain online and pay for that, but after 1 week, charge back the money. so the domain has been registered and my account has been charged about 7$ from the registrar, but I received nothing from the customer.
    How can I protect myself from these things?

    Thanks
    DWS (Desktop Whois System), an easy to use desktop application to whois domains in many TLDs...

    IR5.Net Europe Shared Hosting, Reseller accounts and VPS Provider...

  2. #2
    By being proactive.

    Many input certain codes to give possible "warning signs" of potential fraudulent
    orders. One example is if the IP address doesn't match the credit card's address.
    (e.g. cc address = Herndon VA, IP address = Pakistan).

    Many would refund and cancel the order within roughly 24-72 hours after. But if it
    is too late, next best thing is to lock the account and charge a fee for the user to
    be allowed back in.

    If you're going to do what I mentioned above, make sure to explain such in your
    website's legal terms.

  3. #3
    Join Date
    May 2003
    Posts
    267
    you must use at least basic fraud detection tools such as GeoIP verification if you are in "card-not-present environment".

    I can't believe somebody would do $7 chargeback almost immediately after purchase. I'm afraid this is a case of so called "friendly fraud" where customer makes a purchase and then immediately runs to his bank and files chargeback saying "I did not do it!". In such cases only Verified by Visa can help
    Amirocms.com

  4. #4
    Hey , find somebody with 3d secure suit and you may sleep much better.

  5. #5
    Join Date
    Feb 2004
    Location
    Southern California
    Posts
    749
    Use those Fraud Detection suites wisely, and even then, still manually verify your orders. Most registrars(like enom) have a 24 hour period or so where you can email their support and report fraud and they will 'un-register' the domain and refund your money back to your account.

  6. #6
    Join Date
    Jan 2005
    Posts
    432
    You can check IP location here for free: http://www.ip2location.com/free.asp This database is actually better than MaxMind GeoIP in my experience.

  7. #7
    Join Date
    May 2003
    Posts
    267
    Nope, guys. In this specific case if it was an actual customer, IP detection would show 100% match i 0 fraud score

    Agains this ONLY Verified by Visa and Mastercard Secure Code can help.
    Amirocms.com

  8. #8
    Join Date
    Jan 2005
    Posts
    432
    I had someone use my Visa that I never use to buy something online and I disputed it and told Chase I didn't do it. They sent me a letter and told me I could not charge back because it was "Verified by Visa". Well guess what, I called them and charged back anyway and Verified by Visa didn't help them a bit.

    I am sure it makes it more difficult, but I know it isn't 100% fail safe from my experience.

  9. #9
    Join Date
    May 2003
    Posts
    267
    Very good point, Festus! Now let me explain. If you think that merchant got and paid this chargeback then you are mistaken. Merchant DID NOT EVEN SEE IT. Your bank (the card issuer) actually ate the cost of this chargeback. You have $0 liability on fraudulent purchases and regardless of VbV usage your bank honored it (kudos to them btw).

    Well, merchants ALSO have $0 liability on fraudulent transaction thanks to VbV participation. Your bank in this case did a poor job in ensuring security for you as a cardholder. Therefore they paid it and did not tell a thing.
    Amirocms.com

  10. #10
    Join Date
    Jan 2005
    Posts
    432
    Yeah you are probably right... I am sure someone stole it from a Chase database. No way they could of got it otherwise.

  11. #11
    Thank you all for your kind replies.
    just to make it more obvious, the situation I explained has not happend to me, I just want to prevent it from happening.
    the most worry I have is stolen accounts.
    so, ip detection may helps.

    One example is if the IP address doesn't match the credit card's address
    Payments method I'm using is Paypal, MoneyBookers and 2CO.
    So, how can I know account billing address when user is using the above methods? do they send back to me the billing address used by user?

    since I'm very new to the online payments, I need more explanations or links please.

    May you tell me what is Verified by Visa (VbV) ? how can payment become VbV?

    Thanks
    DWS (Desktop Whois System), an easy to use desktop application to whois domains in many TLDs...

    IR5.Net Europe Shared Hosting, Reseller accounts and VPS Provider...

  12. #12
    Join Date
    May 2003
    Posts
    267
    If you are using PayPal, Moneybookers and 2CO, then you can not implement Vbv/MCSC no matter how bad you want it, because YOU DO NOT HAVE A MERCHANT ACCOUNT. The above payment processing services generally speaking let you use their merchant account. Therefore unless they use VbV/MCSC for themselves you can not enjoy all benefits of this service.

    You need to have your own merchant account preferably setup on FDC Nashville, TSYS, or Paymentech networks, and you are kind of limited in selection of payment gateways since not all of them technically fit the MPI requirements for 3d Secure. But most of them like Authorize.net, Verisign or USAePay will work fine.
    Good luck.
    Amirocms.com

  13. #13
    Leksus, I think Payverify has very good security combination.

    1.GeoIP detection with Proxy detection.

    REMOTE_ADDR: 221.22.21.32
    HTTP_VIA: 221.22.21.32
    HTTP_X_FORWARDED_FOR: 192.168.1.1

    2.Phone call back verification.

    3.Language settings verification and local computer time verification.
    HTTP_ACCEPT_LANGUAGE: en-sp
    Computer time: 11/17/2006 6:17:17 AM
    Real Local Time: 11/17/2006 3:17:17 AM

  14. #14
    Join Date
    Jan 2005
    Posts
    432
    You can ask for issuing bank name and verify that. If you have 1st data processor they have mymerchantview.net that has a free and accurate (unlike some inaccurate 3rd party databases like MaxMind) BIN lookup database that tells you what the issuing bank is. (Only for Visa/Mastercard)

  15. #15
    Join Date
    Jun 2005
    Posts
    3,448
    Well most registrars have a 30 days refund policy. They should be able to give you back the money and cancell the domains. The other way is to lock the domain to the customer, so he cant access it anymore. Then he would be left without anything.

  16. #16
    Quote Originally Posted by nibb
    Well most registrars have a 30 days refund policy. They should be able to give you back the money and cancell the domains. The other way is to lock the domain to the customer, so he cant access it anymore. Then he would be left without anything.
    A bit late, but where did you hear that?

    Most registrars don't have a refund policy. Even if they do, they do so under very
    "special" circumstances.

    They have a 120-hour "grace" period to request cancellation and refund for .com
    domain names they registered within that timeframe. But they don't necessarily
    offer that option to their own customers.

  17. #17
    Join Date
    Jan 2005
    Posts
    432
    That would be a spammers dream... 30 day refund policy on domain names...

  18. #18
    Join Date
    Jun 2005
    Posts
    3,448
    Yes they do, the ICANN gives that to them. Its another thing if ENOM then doesnt want to give the refund to resellers.

    I dont mean you giving a refund to client, but the Registrar gives a refund period for the reseller. I know its only under csome circunstances, but they do, if you where scammed, they should refund it and cancell the domain.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •