How to Reduce Credit Fraud on Your Website

According to data from Unisys Security Index “Credit and debit card fraud is the No. 1 fear of Americans in the midst of the global financial crisis. Concern about fraud supersedes that of terrorism, computer and health viruses and personal safety.

Also, data has shown that 40% of all frauds relates to credit cards, and at least 60% of credit card fraud occurs online. The total amount of credit card fraud worldwide is over $5.5 billion.

Last week, we published an article with security tips for consumers making payments online but it’s also important that online merchants take action to reduce fraud on their website.

If you accept credit card payments online, here are a few tips to reduce credit card fraud on your website.

1. Use a Reliable Credit Card Processing Service

While we will be sharing some effective tips to help you reduce credit card fraud on your website, most of the tips we’ll be sharing below are already effectively employed by reliable credit card processing providers.

Even without a reliable provider, it can be expensive and complicated trying to make these changes on your own.

So, the first step is to find and use a reliable credit card processing service; once you’ve done that, you can then take a look at the other points in this article to see if your credit card processor already implements them or makes provisions for them.

A great start is ACH Payment’s credit card processing service.

2. Pay More Attention to Foreign Orders

While fraud happens everywhere, it is more common in some regions than others.

If you sell to people in foreign countries, it’s important to pay more attention to foreign fraud; more than 40% of all credit card fraud suffered by US companies is from foreign countries.

Some common red flags when accepting orders from foreign countries are:

  • When someone orders with a US billing address but a foreign shipping address; this is often because the card used was stolen, so in cases like this it’s important to take other measures to verify the order placed
  • Placing a smaller order first, using the method listed above, to observe whether you’ll ship the order before placing a much bigger order
  • Ordering large quantities of the same product

There are other trends you’ll start to notice over time but the above 3 are common with foreign fraud orders.

Some steps you can take to prevent this kind of fraud are:

  • Assign a high-fraud score to countries with high credit card fraud rates; in other words, even if there’s the slightest red-flag from an order made from these countries you want to verify the order manually.
  • Request telephone numbers for both addresses and then verify the deals with a site like; this will usually reveal bogus billing addresses.
  • Try to verify the identity of the person placing an order; ask for more details like a scanned copy of the first 6 and last 4 digits of the credit card, a scanned ID of the person making the purchase and a scanned copy of a recent utility bill.

3. Check the IP Used to Place the Order

If the IP address used to place an order shows location different from the billing address used, then you want to pay special attention to an order.

People will occasionally travel and have to make orders in another country so orders of this nature aren’t necessarily fraud, but it’s important to tighten up security in a situation like this.

Another red flag is when a customer is trying to order with an anonymous proxy server.

4.Use IP Geolocation

Knowing more about your buyers can help you effectively reduce fraud.

By using the IP geolocation technology, you can automatically calculate a users exact location based on their IP address and then compare this data to the information they submitted to you.

When someone says she’s ordering from the US and you find out that she is actually ordering from Germany, then you want to pay more attention to the order.

This is especially effective for companies that process a lot of orders; manually reviewing all your orders is not an option but by using geolocation technology to detect inconsistencies in orders, you can take necessary action without having to stress legitimate customers.

5. Request as Much Information as You Can on Your Website

Collect as much credit card information as you can.

While this step can be effective, it’s only recommended if you have quality security measures in place; if you store credit card details on your server, for example, collecting a lot of details won’t help you. Instead, it can put legitimate customers in trouble should you be hacked. However, if you use a reliable payment gateway then this is something you can effectively implement.

By collecting more details, such as the credit card verification number, the full address, credit card type, credit card phone number etc. you can reduce credit card fraud from people who are simply guessing or who have partial stolen credit card details.

Also, to ensure that legitimate users don’t always have to go through the pain of filling the same credit card details you might want to implement a system where their details is stored and can automatically be used once in the future.

6. Check the Mailing Address Used

People who commit credit card fraud don’t use their real address; in most cases, they’ll use a mailbox, a ship-forward service or some kind of disposable address.

While legitimate customers will often have legitimate reasons for not using their real address, scammers are fond of using a mailbox or ship-forward address. When someone places an order on your website using a mail box or ship-forward address then you want to pay special attention to the order.

7. Ask for More Details when in Doubt

If you’re not sure of a certain order or your gut keeps telling you that something is wrong, ask for more details.

This could be a scanned copy of a signed credit card with some details blurred for security purposes; it could also be an utility bill as proof of address or some kind of identity to prove a buyer’s real identity.

Most scammers won’t bother providing these details and it’s easier to detect it when they try to fake the details.