Previous Page Next Page

Please copy/paste the following text to properly cite this How Stuff Works article:

Obringer, Lee Ann. "How Creating an Online Business Works." 01 January 2003. HowStuffWorks.com. <http://money.howstuffworks.com/online-biz-do-it.htm> 07 October 2008.

Inside this Article

Money Videos

More Money Videos »

Merchant Security

Okay, so we've talked about how to make your customers feel more secure, but what about you? What about your liability? What about your losses!? Statistics from credit card companies say that 75 percent of online retailers are liable for the full amount of any credit card fraud they encounter, while 90 percent of consumers are reimbursed for fraud. When you don't have a face-to-face transaction where all three parties (the actual card being the third party) are present then you have the potential for problems. And to make matters even worse, there are now software programs (illegal ones) that can generate an unlimited number of mathematically valid credit card numbers. But haven't mail order retailers been facing this problem all along? How do they protect themselves? There are some ways you can keep your credit card fraud to minimum. Here are a few of the best ones:

Work under the assumption that you will at some point face credit card fraud -- that keeps your defenses up
Use Address Verification Service -- This at least works for products that must be shipped within the U.S. It provides no protection for downloadable products such as software or books. (Authorizer and NetVerify are examples.)
Consider not allowing different "ship to" addresses -- Thieves can always provide you with the correct billing address and then request a different shipping address. By not allowing a different shipping address you could cut back some of your fraudulent charges. Or, you can always perform additional checks on these addresses. (Make sure you get a phone number for the ship-to address.)
Get a faxed copy of the credit card and signature when in doubt.
Watch out for large orders of high priced items that are asked to be shipped quickly. If it doesn't match your typical order, call the customer and verify the order and payment information.
Don't process any order you can't verify by phone.
Watch out for customers who give you an e-mail address from a free e-mail service like Yahoo or Hotmail. Those are an often used by thieves to help hide identities because any identification information can be submitted in order to get the e-mail address. Require a true ISP-based e-mail address.
If the customer is - or appears to be - a business, check the Web address (Often the last part of the e-mail address is the Web address. Just add a www. to check it out.) If the Web site doesn't match up with the information you were given then don't fill the order until you can verify further.
Code your form handler to collect the IP address of the computer sending the order. You can trace it back to the ISP and let them know about the fraudulent activity.
Watch out for orders that originate, or are to be shipped out of the country. There has been particular fraudulent activity in the Eastern European countries.

Visit the AntiFraud Web site for more ways to protect yourself, as well as a list of free e-mail address providers. You should probably also set aside a sum of money for credit card fraud. Talk to your accountant about what a reasonable amount might be.

Previous Page Next Page

Consumer Guide:

Inside this Article

Merchant Security

Inside this Article

Related Ad Categories