Page 1 of 2 12 LastLast
Results 1 to 25 of 26
  1. #1
    Join Date
    Jan 2004
    Location
    Boise, ID
    Posts
    2,453

    What steps do you take to prevent chargebacks?

    I'm just curious what steps others take to prevent chargebacks. Personally we have implemented a few methods:

    Fraud Guardian
    A physical Mailing to the customer (more than just a welcome letter).


    We are looking at what other methods we might be able to add to further mitigate any "Potential" chargebacks.

  2. #2
    Join Date
    May 2004
    Location
    Toronto, Canada
    Posts
    643
    Charge back is a huge problem... We can't even dispute because our services fall under virtual item.

    As for preventing the chargeback, we tend to review every order and veirfy the order by calling the customer. Most of the time we can tell right away that its a fraud beacuse the signup name is different than the credit card name. And sometimes the Logged IP is different from the geographic area where the credit card and the billing info belongs to.

    Alot of times when we call to verify orders, the phone number is either not working or no one picks up.
    Hussain Baig - 1-866-954-6747
    Toronto based VPS - Dedicated Servers - Colocation
    VPS Fusion - Providing scalable and reliable hosting solutions.

  3. #3
    Join Date
    Jul 2003
    Location
    Goleta, CA
    Posts
    5,566
    Use common sense. It's a great tool and rarely lets you down. Check the ip location, call to verify the order etc. . .

    and the big one

    if your instinct tells you not to take the order but everything else seems to check out, don't take the order.

  4. #4
    Join Date
    Nov 2003
    Location
    Rovaniemi
    Posts
    483
    We use an integrated version of Maxmind's antifraud system, which checks IP location and a whole range of other items upon ordering.

    Secondly we do a manual check as well.

    If you see too many different addresses then you should be very cautious.
    For example, someone signs up for an account and uses Paypal.
    Only yesterday we had such a signup, where the email address and name of the client, the Paypal address and the domain owner were completely different.

    What we do in such a case is to send an email to each one of those addresses to ask for verification. Each email has a different code inserted into the subject. We need verification from all three addresses before we proceed with setup.

    In our own case from yesterday, the client replied from all addresses, but they turned out to be forged because they did not include the original code which we sent. It turned out the customer simply forged the email address to show as if it was coming from a different address.

    Other things you can do is to ask the client to change for example the second nameserver of the domain to something you want. If that works then you can verify that the client can access the domain in question.
    Or you can of course do the phone verification too.

    The more verification you get, the more sure you can be that the order is legit.

    But as the previous poster said, if your gut feeling says that you should decline the order, then do so.

    Another tool you can us is http://www.chargebackprotection.org/

    I hope this helps.
    IceBlueHost | Premium Quality Hosting Solutions
    Shared | Reseller | Xen VPS | Dedicated | cPanel | Softaculous | CLoudLinux | Game Servers
    True 24x7 Support | No Overselling | Servers in France and Canada
    Follow us on Twitter for the latest news and special promotions

  5. #5
    Join Date
    Jan 2002
    Posts
    1,053
    Quote Originally Posted by pixelized
    Use common sense. It's a great tool and rarely lets you down. Check the ip location, call to verify the order etc. . .

    and the big one

    if your instinct tells you not to take the order but everything else seems to check out, don't take the order.
    Thats what we do and I don't think that we've had any fraud orders sneak by in the past year.

  6. #6
    Join Date
    Mar 2005
    Location
    USA
    Posts
    667
    Good advice! We do the same thing and call every order. It's absolutely the best way of avoiding fraud.
    Jim - 2Macs H-Sphere Web Hosting
    Since 2001 - H-Sphere Clustered Shared Linux & Windows Hosting
    Fully Managed Services| Custom Web Designs
    Unconditional, 30 Day Money back Guarantee!

  7. #7
    Join Date
    Nov 2003
    Location
    Rovaniemi
    Posts
    483
    In my opinion, phone verification is not a guarantee.

    I mean, what if the fraudster who signs up gives his own number (I know that's stupid, but you'd be surprised what they all do!).
    You call him and of course he will say that the order is correct.
    I know of several instances where this has happened. Not personally, but I know from others.

    Any verification should not be done alone, you will always need several different verifications to make sure an order is legit or not.
    IceBlueHost | Premium Quality Hosting Solutions
    Shared | Reseller | Xen VPS | Dedicated | cPanel | Softaculous | CLoudLinux | Game Servers
    True 24x7 Support | No Overselling | Servers in France and Canada
    Follow us on Twitter for the latest news and special promotions

  8. #8
    It is hard to guard against. We use AWBS, and fradgrabber (service provided by AWBS billing software) and reduced fraudrant transactions significantly. But, they do come back time-to-time. fradgrabber uses IP-to-Location type verification to verify user's home address with IP location. I see abusers getting smarter and use a home address where IP is located, and transaction goes through.

    We also verify ip location mannually, which we implemented ourselves using ip2location database.

    http://www.iplocation.net

    You'll just have to make your best judgement. Fraudrant transactions in many cases use domain names that starts with onlineXXX or accessXXX (and the like) to use in phishing purpose. Beware of those domain names.
    Top Web Hosts
    http://www.topwebhosts.org
    Web hosting directory & resources

  9. #9
    Join Date
    May 2002
    Location
    Kingston, Ontario
    Posts
    1,588
    Phone verification is a good one but fraud orders can use virutal numbers as such through Skype so you need to keep that in mind.

    Manual checks of the domain whois information may also help although many don't keep that info updated.

    IP location checks are a good method to help as well.

  10. #10
    Join Date
    Jul 2003
    Location
    Castle Pines, CO
    Posts
    7,189
    We use LinkShield and Verified by Visa / MasterCard Secure code. A lot of times, we will also ask them to sign a statement authorizing the signature.

    Some things to look for to scrub the transaction further:
    • First Time Buyer
    • Larger-than-normal orders
    • Orders consisting of several of the same item
    • Free EMail Address
    • Address Verification Service (AVS)
    • IP address does not match billing information
    • Orders made up of big-ticket items
    • Orders shipped rush or overnight
    • Orders shipped to an international address
    • Orders shipped to a single address but made on multiple cards
    • Multiple transactions on one card or similar cards with a single billing address, but multiple shipping addresses
    • Multiple cards used from a single IP (Internet Protocol) address
    Of course some of the above does not / cannot have anything to do with hosting but it might help some of the users on this board or it might help some of the your customers.

  11. #11
    This is what we do for large orders. normaly I am not concerend with the $5 per month shell customer but if someone is buying a $100+ per month dedicated box then we definatly want to check them out if its their first order.

    We require full name on card, billing address and billing phone number (the number the bank might use to call the customer) as well as the other usual stuff.
    We first check the IP to make sire its at least in the same part of the world as the phone, address info is and check for strange differences between billing and contact info. Its not uncommon for a person to buy somethign with a card under a different address (firend, parent, old address). We also look for IP blocks belonging to countries which tend to generate fraud.
    We then call our merchant account customer service line where they allow us to enter in the card number and will give us back the phone number belonging to the card issuing bank.
    Now armed with all the order info card issuing banks phone we call the bank and navigate our way to a customer service rep. Sometimes there is a special option for merchants to use to get to the right department and other times you just have to get a normal service rep.
    Now banks are under no obligation to tell you anything so its best to start right off in a highly professional mannor and introduce yoruself, yoru company and that you want to verify a charge made by a customer on a card issued by that bank. Then proceed to read off every part of the order form name on the card, to exp date, to sec code, to full billing address and phone number of the customer. The bank may refuse to confirm the phone but they normaly wil confirm every other part of theinfo. They will never give you the info they see but wil siple say its accurate or inaccurate.
    Now the key here is you confirmed the card holders name and their home phone number so now you can phone verify with above averge confidence that you wil be talking to the real card holder.
    The only flaw here is kids using their parents cards without permission but if this results in a charge back you simple call the card holder andplay back the recorded phone authorization and I am sure there will be one very grounded kid. This has happened a few times each year here and many times the parent will apologize and reauthorize the payment.

    This isnt perfect and it can be time consuming but in higher risk situations its well worth it. Almost all US banks wil be very cooperativer but international onces can be a pain.

    And always record conversations with your client and have them confirm their card number, their name, the date of the purchace and the amount because having this can mean the difference in winning or losing a charge back when the dispute comes in. You simple submit the recording back and they almost always lose if you were indeed speaking to someone who remotely sounds like the card holder.

    Another option you can use is a "letter of non-dispute" which youc an find online pretty much anywhere. Although this is time consuming and sometimes frustrating for the customer you shoudl use this in any really large transaction such as over $1000. It will include a signed statement where you fill int he amount, the card holder name, the date and what they bought which the customer signs and also includes a photocopy of their photo id and front and back of the credit card. This too is very difficult for a bank to ignore when youssend them this in answer to a charge back.

    But nothing beats prevention...you can fight charge backs but its far better to not let them occur in the first place. This means keeping your customer happy and not pissed off because your customer service sucks and doing common sense checks to catch the obvious cases. Also keep a log of every single fraud ip, email, name, address, phone, and everything else you take in on orders. And scan your :blacklist" for new orders with similar information. Frauders like to hit the same places more then once especialy if they got away with a couple months of service before the chargeback came through.

  12. #12
    i have done everything in my power to prevent chargebacks. i have followed paypal protection policy to the T and still got nailed!

    that really pissed me off. as a matter of fact, the transaction its selft said i was covered by the policy (i am the seller)

    yet i was still subject to the chargeback and never got my item back!

    if you want to be really worry free about a transaction, use www.escrow.com

  13. #13
    Join Date
    Aug 2003
    Location
    Chesapeake, VA
    Posts
    3,381
    Cardholder authentication (Verified by Visa/MasterCard SecureCode) is a great way to reduce your merchant liability on transactions. It can effectively block around 60% of the most common chargeback reason codes centering around the "I didn't authorize it" responses.

    In addition, verifying new orders automatically by phone order verification is a very powerful tool. The simple fact of the matter is that fraudsters do not want to be able to be reached over the phone. They are extremely adverse to this and so any system - whether manual or automated - that verifies them at the phone # they state they are at is a very useful tool against fraud.
    CDGcommerce.com - Trusted Merchant Account Solutions since 1998
    Many thousands of successful, growing businesses benefit from our expertise every day. You can, too!
    We help merchants to eliminate gateway costs, reduce & mitigate fraud and achieve streamlined PCI compliance.
    Learn more today at http://www.cdgcommerce.com - we look forward to helping your business grow!

  14. #14
    Join Date
    Aug 2001
    Posts
    4,028
    Quote Originally Posted by cdgcommerce
    Cardholder authentication (Verified by Visa/MasterCard SecureCode) is a great way to reduce your merchant liability on transactions. It can effectively block around 60% of the most common chargeback reason codes centering around the "I didn't authorize it" responses.

    In addition, verifying new orders automatically by phone order verification is a very powerful tool. The simple fact of the matter is that fraudsters do not want to be able to be reached over the phone. They are extremely adverse to this and so any system - whether manual or automated - that verifies them at the phone # they state they are at is a very useful tool against fraud.
    How do you handle new orders that are placed during morning hours, clients outside your Country, etc? Do you simply make the call no matter when?

    We've been hit with a couple chargebacks this month. Never fun.

  15. #15
    Join Date
    Jan 2002
    Posts
    1,053
    Quote Originally Posted by Mekhu
    How do you handle new orders that are placed during morning hours, clients outside your Country, etc? Do you simply make the call no matter when?

    We've been hit with a couple chargebacks this month. Never fun.
    If an order is placed during the early morning hours, then call to confirm later when it would be more appropriate. Call people outside of your country...you just have to dial a few extra digits. If there is a time zone difference, then try your best to coordinate when it is appropriate for both parties.

  16. #16
    Join Date
    Aug 2001
    Posts
    4,028
    Quote Originally Posted by Josh Stein
    If an order is placed during the early morning hours, then call to confirm later when it would be more appropriate. Call people outside of your country...you just have to dial a few extra digits. If there is a time zone difference, then try your best to coordinate when it is appropriate for both parties.
    Honestly, this sounds like it would cost more then the 1-2 chargebacks we do receive every couple of months, let alone a lot of work. We'll just keep playing the "use your gut feeling" game for now I think.

  17. #17
    Join Date
    Jan 2002
    Posts
    1,053
    Quote Originally Posted by Mekhu
    Honestly, this sounds like it would cost more then the 1-2 chargebacks we do receive every couple of months, let alone a lot of work. We'll just keep playing the "use your gut feeling" game for now I think.
    You don't just have to worry about chargebacks but also security breaches. If you are activating accounts of people that ordered for malicious purpose perhaps they can break into your server and see other customers data? What if they start sending SPAM and your server is unplugged?

    Those are just some examples.

  18. #18
    Quote Originally Posted by pristinehosting
    i have done everything in my power to prevent chargebacks. i have followed paypal protection policy to the T and still got nailed!

    that really pissed me off. as a matter of fact, the transaction its selft said i was covered by the policy (i am the seller)

    yet i was still subject to the chargeback and never got my item back!

    if you want to be really worry free about a transaction, use www.escrow.com
    If your refering to paypal you should note a few things about papal seller protection. It only covered tanible items shipped with a tracking number. If it says you qualify and you shipped an item and can prove it was delviered to the address listed on paypal then paypal will cover you up to$5000 per year. but remember if you get alot of charge backs paypal in a short time paypal might have reson to believe your causing or promoting bad transactions and might find it in their best interrest to pull the plug on your protection at any time. Ideally you shouldnt get more then 1% charged back then your total paypal monthly income. This means if you sell $1000 per month dont let charge backs be more then $10 per month.

    for credit card payments records the call, get them to sign a letter of non-dispute, or fax in a photocopy of the card and picture ID. call the bank and verify all the info especialy the phone number if your not shipping an item. This way you can know the person you called and voice recorded authorization is most liekly the right person. Although we sometimes get kids using parents cards that lead to charge backs but playing back the recorded authorization normaly results in the chargback being cancelled with apologies and a certian kid being grounded.

    Most of all common sense. It if looks bad check into it deeper or just refuse the order.

  19. #19
    Join Date
    Jan 2002
    Posts
    1,053
    Quote Originally Posted by kib5
    If your refering to paypal you should note a few things about papal seller protection. It only covered tanible items shipped with a tracking number. If it says you qualify and you shipped an item and can prove it was delviered to the address listed on paypal then paypal will cover you up to$5000 per year. but remember if you get alot of charge backs paypal in a short time paypal might have reson to believe your causing or promoting bad transactions and might find it in their best interrest to pull the plug on your protection at any time. Ideally you shouldnt get more then 1% charged back then your total paypal monthly income. This means if you sell $1000 per month dont let charge backs be more then $10 per month.

    for credit card payments records the call, get them to sign a letter of non-dispute, or fax in a photocopy of the card and picture ID. call the bank and verify all the info especialy the phone number if your not shipping an item. This way you can know the person you called and voice recorded authorization is most liekly the right person. Although we sometimes get kids using parents cards that lead to charge backs but playing back the recorded authorization normaly results in the chargback being cancelled with apologies and a certian kid being grounded.

    Most of all common sense. It if looks bad check into it deeper or just refuse the order.

    There is a difference between PayPal-level chargebacks/disputes and bank-level. You should be able to win any PayPal-level dispute because you are selling a service. PayPal does not provide their customers with buying protection for services (at least this was how it was in the past, I don't know if things have changed).

    As for recording calls, be very careful. There are a lot of laws regarding that and it varies from state-to-state. I recommend that you seek legal counsel for that issue.

  20. #20
    Join Date
    Jan 2005
    Posts
    432
    If you are not high volume, you can get FraudLabs.com credit card fraud check for free. You can use it for 90 queries a month. They have a web based deal where you send a query to their server or you can use their Windows client to do it.

  21. #21
    Join Date
    Jan 2005
    Posts
    432
    Quote Originally Posted by ScarabWeb

    Another tool you can us is http://www.chargebackprotection.org/

    I don't know if I want to sign up for this website or give them any information about me or my customers since they have no contact address and is using WHOIS guard. I have no idea if they are legit or if this is legal.

    This is a great idea if it is legit and legal... I guess I would need to talk to my lawyer about it.

  22. #22
    Quote Originally Posted by Josh Stein
    There is a difference between PayPal-level chargebacks/disputes and bank-level. You should be able to win any PayPal-level dispute because you are selling a service. PayPal does not provide their customers with buying protection for services (at least this was how it was in the past, I don't know if things have changed).

    As for recording calls, be very careful. There are a lot of laws regarding that and it varies from state-to-state. I recommend that you seek legal counsel for that issue.
    The paypal protection program will protech you the same no matter the type of charge back or claim. You do have to follow the same rules and ship to the conrfirmed address with a tracking number. Paypal wil absorb the charge back even if th ebank wins paypal will let you keep th emoney as long as you shipped to the confirmed address.

  23. #23
    Join Date
    Jan 2002
    Posts
    1,053
    Quote Originally Posted by kib5
    The paypal protection program will protech you the same no matter the type of charge back or claim. You do have to follow the same rules and ship to the conrfirmed address with a tracking number. Paypal wil absorb the charge back even if th ebank wins paypal will let you keep th emoney as long as you shipped to the confirmed address.
    I am talking about PayPal disputes. If a buyer tries to dispute a purchase of a service, they technically are not able to. If you are the seller, you simply state that the sale was of a service and the dispute should be closed in your favor. There is definitely a difference between service versus good and PayPal charge back versus bank-level charge back. Also, there is no address to ship to when a service is the item.

  24. #24
    Join Date
    Jan 2004
    Location
    Boise, ID
    Posts
    2,453
    Josh you have a lot to learn about Paypal.

    If I, as a buyer, felt I had been sold a service fradulently and Paypal refused to do anything I would take it up with my bank.

    If it was a debit/credit card purchase I could then issue a chargeback which would hit Paypal and paypal would hold the seller accountable.

    If it was echeck I can still, with my bank, issue the equivalent of a chargeback. Not all banks support this yet, but more and more are starting to.

    In other words, just because paypal closes a dispute that means nothing.

  25. #25
    Join Date
    May 2003
    Posts
    267
    Quote Originally Posted by Festus2005
    If you are not high volume, you can get FraudLabs.com credit card fraud check for free. You can use it for 90 queries a month. They have a web based deal where you send a query to their server or you can use their Windows client to do it.
    Services like FraudLabs, MaxMind, and other who only provide GeoIP/proxy detection CAN NOT be used as your ultimate decision maker on transaction acceptance. It is good to "be advised" of the response(s) they provide but relying on it compeltely would be a mistake.

    I.e. if you have American cardholder traveling in France using his yahoo e-mail address, transaction will get over 3.5 fraud score for sure (with MaxMind). In such cases only VbV/MCSC will let you to accept this transaction worry free.
    Amirocms.com

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •