Announcement

Collapse
No announcement yet.

Preventing Fraudulant Orders

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    Preventing Fraudulant Orders

    Been hit a few times & want to tighten up our website & our procedures. So, apart from been vigilant, how can you prevent fraudulant orders. Just wanted to know what check other Actinic Users carry out to ensure the order & card are genuine.

    Thanks
    Nilesh
    Tags: None
    #2
    I couldn't think of a better place to discuss these things, the World Wide Web is just so private . Come on everybody, tell us what you do so we know how to circumvent yours also.

    Comment

      #3
      It's hard to say more than "you get a eye for something out of the ordinary" small things sometimes stand out and make you ask yourself "Why"

      The more expensive the order, the more you look and check everything that looks questionable, are they at that address on 192.com, phone up and ask for the name of the bank card company and check it on Protex or your card processor (fake card do not normally have the card issuer named on them just the numbers etc)

      Sometimes they order a small item and then come back for a much larger order, Why would anyone want two or more of the same pairs of your expensive shoes. Maybe for mum and daughter but ????? worth a check

      Keep the order for a few days notify them out of stock for four days and have time for card company to fail their checks
      Chris Ashdown

      Comment

        #4
        Thanks for the replies.

        Point taken Lee, but I was looking for conceptual ideas & what to look out for. I wasn't asking actinic users to post their actual procedures & compromise their own security or their website. Chris has given some ideas which we could look into. So many thanks Chris.

        Comment

          #5
          It is all part of the game of trading online - in the real world they put a brick through your windows and online they use stolen cards. B******s!

          Like Chris you can often feel if something is wrong... certain products, different delivery addresses (both residential), certain parts of the country, formation of order (unusual combinations).

          There are also mathematical analysis that can be done on orders concerning the distribution of numbers and thresholds. Removing credit card thresholds statistically you will have more orders starting with a 1. Most crims when forging accounts / expenses tend to start with an 8 or a 9 thinking £920 is better than £1000. It isn't and this is typically how false accounting is spotted and proven. There is a law (which I can not recall - I shouldn't read maths books in bed) which shows the standard distribution of numbers and it is far from random.

          Taking credit card limits into account watch out for not only the above but also daily spend limits of £250 and £500 being typical and the really stupid going to the £1000 .. orders sitting just under these ceilings should attract additional concern.


          Bikster
          SellerDeck Designs and Responsive Themes

          Comment

            #6
            I'll speak out

            I don't understand the problem of stating what you do - it isn't anything secret - and it may help prevent any attempts at fraud.

            Firstly, use a payment service provider, with transactions going through this only (not virtual terminal, not telephone or post orders). Secondly, have 3D-Secure enabled and required for all transactions. Thirdly, check the Third Man fraud score for all transactions, and study carefully any with red tags, and act on accordingly. Fourthly, keep records for each customer, with a history that you can check on. Fifthly, have a human being monitoring orders. If any crook finds this useful information I would be surprised.

            Sarah

            Comment

              #7
              It's a complex subject, but I agree with the sentiments in the last post.

              The 3rd Man which is available in SagePay and Actinic Payments (and probably others), is the system as used by Argos, Tesco and many more and claims to catch 97% of fraud, so that's a good start.

              Chris

              Comment

                #8
                Thanks for the replies. Was caught up with other things, so couldn't post earlier.

                I've taken on board what's been said. We use Actinic Payments with Streamline but needed our procedures tightened up some-what including the switching on of 3D-Secure which was unfortunately disabled. We've started to use 192.com and streetview, just to make sure we know where its going, especially where there's a gut feel about the order. This mainly goes for anything urgent or if the order is via MOTO.

                Many Thanks for all your help.
                Nilesh

                Comment

                  #9
                  Nilesh, do you use The 3rd Man scores? They use 192.com as part of their checking I believe.

                  The 3rd man is processing a substantial proportion of all ecommerce transactions in the UK. As such, they are in a unique position to find out whether the same card is used at multiple addresses, multiple orders on different cards are made from the same IP address, the same email address is used with multiple addresses and names etc etc. That sort of checking can't be done by individual merchants.

                  Hope I don't sound like too much of a booster for them. I was just at The 3rd Man HQ a couple of weeks ago and was reminded just how comprehensive their checking is.

                  Chris

                  Comment

                    #10
                    Chris,

                    We've started to make more use of 3rdMan score. I would say its more a problem of not understanding what it relates to rather than the functionality it provides.
                    I may have moaned many times before about Actinic, but these are the kind of things that helps the smaller businesses trade safely online & its not as much appreciated. I for one would like to thank you for this.
                    So Many thanks, Chris.

                    Nilesh

                    Comment

                      #11
                      Thanks Nilesh, much appreciated.

                      We are working on trying to get the individual elements of The 3rd Man scores passed to Actinic. If we achieve that, it will then be possible to see how the score is made up.

                      Chris

                      Comment

                        #12
                        Third Man on SagePay

                        On SagePay there is a detailed report of how the score is arrived at. I check each one with a red blob. Usually the problem is with the delivery address - multiple cards, multiple people, etc, and usually the delivery address in question is somewhere like The Royal Bank of Scotland, or another bank, or a another business in the City. This causes us some amusement. We then see that there has been no particular problem with the particular card-holder, so we continue with their order. It is quite rare for somebody's home address to have a fraud score, unless there is multiple occupancy. Very occasionally there is a high fraud score for somebody's home address and for their telephone number - we would despatch the goods requiring a signature. Sometimes the telephone number has a high fraud score because it is 00000 000000.
                        Sarah

                        Comment

                        Previous template Next
                        Working...
                        X