Avoid 3 common types of online payment fraud

Worldpay Editorial Team

July 24, 2019

Because physical cards are not swiped for these purchases and you don't have a face to face interaction, there are even more ways for clever fraudsters to capitalize on stolen card information. Let’s explore some of the ways that criminal activity occurs online and what your business can do to help prevent the fraud.

1. Simple card theft

When thieves obtain credit card information like personal account numbers, expiration dates, and cardholder names, it can open the door for online payments fraud. However, there are steps your business can take to help deter the effects of simple card theft:

  • Use address verification service (AVS) and request card security codes to help validate that the purchaser is indeed the cardholder
  • Flag orders with quantities or transaction values beyond the norm
  • Track payment card numbers, IP addresses, and email addresses that are associated with known fraudulent transactions

2. Card testing

When fraudsters obtain a bulk of stolen credit and debit card information, they may try to distinguish those already reported to issuers by “testing” each card with low-ticket transactions from trusted businesses and organizations. Here are some steps you can take to help mitigate these attacks:

  • Add AVS and card security code verification to your checkout process to help slow down the speed of each payment transaction and render your site a less attractive target
  • Monitor device, IP address, and IP geolocation velocity to flag irregular purchase activity above a predefined threshold
  • Identifying each buyer’s device and/or true IP address (i.e. behind any web proxy)

3. Package interception and redirection

Card thieves can use stolen card information to purchase hard goods and then intercept them during delivery. To help avoid the costs of lost goods, merchant chargebacks, and refunds, consider the following techniques:

  • Flag potentially risky orders for manual review prior to shipment and contact cardholders directly to authenticate the order
  • Require each customer’s billing address when accepting payment; once confirmed, it can serve as a cross-check when evaluating the shipping address
  • Implement a velocity check on each shipping address and flagging those that exceed your cap

Your payment processor can help you with these methods and provide guidance on additional actions you can take to protect your business. There are a variety of strategies you can implement. Give us a call to discuss your options.