Article:Preventing_Online_Fraud : Reprint Articles on www.medicaradvocacy.org

Preventing_Online_Fraud

Preventing Online Fraud PREVENTING ONLINE FRAUD By Robert Levings, President, EasyPay123 The following article deals with the issue of online fraud, its impact on merchants, and the ways that it can be prevented. It is part of a series of articles offered by EasyPay123 to help merchants understand the many facets of processing credit card payments. Overview As criminals become more sophisticated in their attempts to commit online credit card fraud, new technologies are required to discourage and detect fraud before it occurs. Risk of fraud is a potential barrier to online purchases. It can also be costly to merchants, since they must bear the costs of successfully disputed purchases. In addition, too many charge-backs can cause merchants to have their merchant account status downgraded or revoked, thereby negatively impacting their business. A number of technologies are emerging to both secure sensitive data and reduce the amount of successful fraud at the various stages of the order cycle. Input-Based Methods Several technologies exist that verify data input by purchasers at the time an order is placed on a merchants website. AVS (Address Verification Service) matches the street number and zip code that is entered by a purchaser with address information on file with the credit card companies. A message is then sent back to the payment gateway indicating the degree to which the address information matches (e.g. Address matches, zip code does not). Based on the AVS settings or "filters" the merchant has set within the payment gateway, the merchant can then make a decision about how they wish to proceed with the transaction when there are mismatches. One key drawback to AVS processing is that checking occurs only after a valid authorization is returned. This means that there will be a hold on the customers account for the amount of the transaction, even though the merchant may decide to decline based upon the AVS results. This method is widely used, however. EasyPay123s AVS tool (powered by Skipjack Transaction Network) enables merchants to control how closely the numeric address information must match in order for the transaction to be allowed to settle. Another technology supported by the credit card companies is called CVV2 (Card Verification Value) by VISA, and CVC2/CID by MasterCard and AMEX respectively. These technologies use codes that are embossed on the back or front of VISA, MasterCard and AMEX cards. CVV2 and its counterparts require a card holder to enter the codes at transaction time to verify that they are in physical possession of the card. Since these values are not stored in transaction databases with other credit card information, hackers cannot gain access to them if they somehow acquire credit card numbers from a database. During the authorization process, the card issuing bank verifies the CVV2 value that was entered with the credit card number. Communication-Based Methods The primary technology for securing transactions as they are transmitted over the Internet is Secure Sockets Layer (SSL). SSL encrypts confidential data (i.e. converts it into an unreadable form) to ensure that unauthorized individuals are not able to view or modify it as it is being passed between the customer, the merchants website and EasyPay123. The merchants order form must be secured with a digital certificate to establish an SSL connection with the customer. Customers can be confident that their payment session is secured using SSL when they see the closed lock at the bottom of their browser. Digital certificates can now be purchased directly from Skipjack Business Network at biz.skipjack.com. Storage-Based Methods Once the order information reaches the payment gateway, it must be securely stored in order to reduce the risk of hackers gaining access to confidential information via the Internet. When securing credit card information, most payment gateways encrypt (secure) the entire database. The problem with this approach is that, if the database is compromised, a hacker can gain access to potentially thousands of credit card numbers for fraudulent use. With EasyPay123, each transaction is individually encrypted using patent-pending security technology. Even in the unlikely event that one transaction is compromised, all other transactions remain secured. In addition, when using EasyPay123, credit card numbers are stored only on the EasyPay123 system as opposed to being in the merchants database where security measures may be more difficult to implement. As an additional security method, only the last five digits of a credit card number are viewable through EasyPay123s Reporting Tool, Merchant Services or email and response notifications. EasyPay123 also enforces a rigorous password policy in order to restrict access to sensitive data only to authorized individuals. Passwords are changed on a regular basis to further enhance password protection. It is important that you choose a password that will not be easy to guess and keep it in a safe place to eliminate the risk of others gaining access to your data. Using Sound Business Practices Although there are many technological tools available in the fight against fraud, one of the best tools available is good business discipline and judgment. A number of good business practices can help reduce fraud: (1) Spend time validating each order, particularly ones where the shipping and billing addresses are different or where the email address is from one of the free email services (2) Ask for complete information at the time the order is made (3) Be extra careful of overseas shipments (4) Dont ship to PO boxes (insist on a physical address) (5) If youre unsure of anything, call the customer directly Summary No single method of fraud prevention is foolproof. The key to fraud prevention is to leverage appropriate technology and apply sound business judgment to all transactions. If you have any questions about the process, please call us at EastPay123 toll-free at 866-438-8767. About EasyPay123 EasyPay123 is a leading supplier of payment processing solutions to businesses across North America. Offering world-class solutions at affordable prices, EasyPay123 helps merchants simplify the process of acquiring, launching and using payment applications to improve the way they do business. Visit us at www.EasyPay123.com. For a description of some of the e-commerce terms used in this article, please visit our online glossary at www.EasyPay123.com. If you found this article helpful, you may wish to request one or more of the other articles in the EasyPay123 series by visiting our website. Articles in this series include: Understanding E-commerce Transactions How Transactions are Processed Getting Merchant Accounts How to Design and Build Payment Applications How to Choose a Payment Gateway How to Pick a Shopping Cart Preventing Online Fraud Gaining Visibility for Your Website Understanding Wireless Payments Љ 2003 EasyPay123 All Rights Reserved. This article may not be copied, reprinted, published, translated, hosted, or otherwise distributed by any means without explicit written permission from EasyPay123. About the author: Robert Levings is President of EasyPay123, a leading provider of online payment solutions to merchants across North America.

Affiliate Revenue
Auctions
Audio Streaming
Blogging RSS
Broadband Internet
Business
Communications
Domain Names
E-Books
Ecommerce
Email Marketing
Ezine Marketing
Ezine Publishing
Forums
General Communications
GPS
Internet and Businesses Online
Internet Marketing
Mobile Cell Phone
Networking
Podcasting
PPC Advertising
Satellite Radio
Satellite TV
Security
SEO
Site Promotion
Spam Blocker
Teleseminars
Traffic Building
Video Conferencing
Video Streaming
VOIP
Web Design
Web Development
Web Hosting

Free Articles