Online credit card fraud is very costly for merchants, who bear the brunt of the cost of eCommerce credit card fraud. Though there is no guaranteed way to eliminate all online credit card fraud, there are many approaches for minimizing eCommerce credit card fraud that merchants may want to consider.

Minimizing eCommerce credit card fraud is a major concern for online merchants. In almost all cases of eCommerce credit card fraud, the merchant is the major loser, having to refund the cost of the service or merchandise they sold as well as paying credit card chargeback fees to their merchant account bank. Though all online merchants can be the victims of eCommerce credit card fraud, some are at higher risk:

• Merchants selling intangible goods or services, such as streaming music or videos
• Merchants dealing in big ticket items that are easy to resell, like electronics or computers
• Merchants who do business in multiple countries

Though these types of merchants may need to be extra careful, all online merchants are at risk and should take steps for minimizing eCommerce credit card fraud. The methods for minimizing eCommerce credit card fraud generally focus on the fact that most online credit card fraud occurs when someone has a stolen or fake credit card number. The criminal with the credit card information will try to order items in such a way that they cannot be traced, either because the items are intangible, or because they have them shipped to an address that will forward the item or where the criminal can pick it up undetected. The criminal will try to hide their identity from the merchant so they cannot be traced. Often, they will not have possession of the actual card.

With these things in mind, here are some tips for minimizing eCommerce credit card fraud:

• Require the customer to enter the 3 or 4 digit security code from the back of the card. This number cannot be swiped and is not stored by merchants, so unless the criminal has the actual credit card they are unlikely to be able to enter the correct code.
• Use an address verification system (AVS) for orders in the U.S. This system checks the numbers in the customer's address and compares them to the billing address on file for the card. Though some credit card thieves may have the customer's address, many will not and the address verification will fail.
• Ask for the customer's phone number, and check the location of the area code against the zip code in their billing address. These can also be checked against the location of the bank identification number (BIN), which are the first two sets of numbers on a credit card. These should usually all belong to the same region in the U.S., though some people, such as college students living out of state, may have a mismatch. In this case, the merchant can use the phone number to call the customer and verify that it is a real number and that the customer placed the order. They can also call the bank to check that the credit card is valid. This method isn't foolproof, but will eliminate some fraudulent charges.
• Check the customer's IP address. This is the unique address of each computer connected to the Internet. The IP address should be in the same location as the customer's billing address and/or area code. There may be reasons for the IP address to be in a different location, but in  those cases the merchant should use caution and try to confirm the validity of the order. Also, if the customer is using an anonymous proxy server, which hides their IP address, the merchant should be wary of proceeding with the order.
• Enable Verified by Visa and MasterCard SecureCode. Though not all customers use these security features, which require the customer to enter a password to place an order online, they can reduce fraud and may help merchants avoid liability for chargeback fees.

Using one or more of these methods can help merchants reduce credit card fraud. Merchants should be aware that any of these services will cost merchants either to sign up for individually or to enroll for as part of a web hosting or payment gateway plan. Merchants should verify that these features are compatible with their web hosting plan and their payment gateway.

In addition to the above suggestions, there are some things merchants can watch for to minimize online credit card fraud. If the online business is relatively small, merchants may be able to monitor for these things themselves without having to pay anything extra for the service:

• Orders that are being shipped to an address different than the credit card billing address may be legitimate, but merchants should verify them.
• Merchants should require a street address for shipping, since P.O. boxes or forwarding and drop shipping services are often used by criminals.
• Orders that seem unusually small may be test purchases with stolen credit cards.
• Very large orders being shipped by the fastest and most expensive shipping method should also be verified, since this is a common hallmark of fraudulent orders.
• Though many people use free email accounts such as Yahoo! or Google, criminals also like these kinds of accounts. If the customer claims to be a business or large organization but has one of these free email accounts, it would be worth verifying that the customer is legitimate.
• For international businesses, be cautious about orders coming from Eastern Europe and Africa, which have higher rates of fraud.
• Merchants should also trust their instincts, and if anything seems off about a customer or an order they can verify the credit card information with the issuing bank.

Legitimate customers usually appreciate it when a merchant verifies their identity, since they are also worried about the hassle and expense of credit card fraud, while criminals may be discouraged by these fraud protection measures.

Merchants can also help minimize eCommerce credit card fraud by making sure that their own web site is secure. They should have an SSL certificate and possibly also a third party verification certificate from a company like Verisign. They should also make sure that any customer information that they store is secure from hackers.

Related Article: eCommerce Processing >>