|
Preventing Credit Card Fraud
Part 2
You took all the steps. You captured the CVV2, traced the IP,
cross referenced the address, and verified the address with the
card company and it all looked good. Three months later you receive
a charge back notice and there's a hefty fee
pulled out of your account. Now what?
According to the regulations of the card organizations, you must
produce a signed sales slip in order to reverse the charge back.
You're an on-line merchant and you can't do that. That's that.
End of story.
Don't believe all the advertising hype aimed at card holders.
You, the merchant, are the victim of credit card fraud
and the banks always intended it to be that way. If they
don't hold the card holder liable for fraudulent transactions,
who do you think the'll hold liable? Themselves?
But is it really that bleak? In the entire membership of our organization,
I know of only a few reversals. What I DO know is that there is
more to be done.
IF THE FRAUD IS A BAD OR STOLEN NUMBER - Go over the entire transaction,
pulling every bit of data from the transaction. You'll need everything
you have; the originating IP, the card information, the dates
and times, trace-routes, WhoIs information, emails, in short everything
about the transaction you can gather.
Don't forget to retrieve your site logs. If you don't have access
to them yourself, put your ISP on notice that you are going to
need the logs from the date of the transaction. If you have access
to your own logs, they won't be available on the server forever
- move them to your own hard drive.
Put it all into a logical order and print it. Your goal is to
be able to explain how, where, and when the fraud took place.
You want to establish an audit trail from the minute the fraudster
entered your web site until the time they left and what they did
while they were there. You want to have documentation on every
step you took, emails you sent, and, in the case of hard goods,
when you shipped the order and who signed for it.
Call your local police and ask for their Internet expert if they
have one, and present the evidence to them. Also, since you have
a TraceRoute, call the local police in the area the sale came
from. Also, report the fraud to the Internet
Fraud Complaint Center. This is probably the best single reporting
center, as they will review the information you give them and
refer it to the proper agency.
A word about reporting the fraud to authorities. Most small police
departments will know little about all this. You'll really need
to have your case well documented. If the amount you lost is small,
there is even less incentive for them to want to take action.
Point out to them that what happened to you is probably not an
isolated incident, but part of a series of crimes against various
web companies. If you have to, take them to websites like ours.
Make them understand that this type of crime has reached epidemic
proportions and something needs to be done.
IF THE FRAUD IS CYBERSHOPLIFTING - If you've become a victim of
cybershoplifting, you can get sweet revenge, if not reimbursement.
But again, you'll need to get all the information collected in
one place.
Call the customer-turned-cyberscammer. Make sure they understand
that you are aware of what they have done and that you will not
allow it to slide. Tell them that if there's a problem with the
merchandise/service you will do what's reasonable to make it right.
Offer a payment plan. If this doesn't work, notify the creedit
bureau that they owe not only the money for the product but the
charge back fee. It will be made a part of their credit report
and they'll either be willing to pay you to clear the record or
have to live with the bad information for 7 years.
In either case, report the information to the abuse address for
their ISP. Service providers don't like their services being used
for illegal purposes and it's probably a violation of their TermsOf
Service. BUT... Don't request termination of accounts - just lay
out the facts and request a review.
Copyright 2000 - 2010 Merchant 911, LLC - All rights reserved
|
