Chargebacks - Assessing Fraud Risks
Chargebacks can occur for a number of reasons, one of which is fraud. It is your responsibility to
train your staff on how to prevent fulfillment of a fraudulent order. It’s also important to
remember that some orders that raise one or more “fraud caution flags” aren’t fraudulent, so be
careful not to turn away good orders and customers!
Fraud Caution Flags
- Card Verification Value (CVV) mismatch
- Address Verification System (AVS) mismatch: Address Line One; Zip Code; Billing
Address - High Average Ticket
- No Card Message or no signature
- Same Day Order
- Late night order (fraudulent orders increase at night)
- No coupon - those placing fraudulent orders don't care about saving money for the
cardholder. - Free Email Address (Gmail, Yahoo, AOL, MSN, Comcast): Look for an email address
that has no apparent connection to the customer’s name
Know your area and keep a list of your surrounding areas where you receive the most
chargebacks from. Is this order being sent to a zip code with a history of fraudulent claims?
What to Do if you Suspect Fraud
No single factor by itself is indicative of risk; however, when a combination of factors is present
during a transaction, additional scrutiny is warranted. Orders with high risk levels should be
further investigated.
Investigating an order with a high-risk level:
- Try calling the customer to ask a question on the order (i.e., if no card message; ask them
what they want to say.) - Is the phone number invalid?
- Did you speak to the person that is listed on the billing information?
- Do a reverse phone look up on a site like whitepages.com. See if the phone number is
associated with another address other than the billing address listed on the order.
If after reviewing an order and further investigating as described above you still suspect fraud,
you have to make a business decision to either fulfill or cancel the order.
Chargeback Dispute Process
Roti has added a layer of protection for web orders fraud review, and Roti will require some data
from the store in order to accurately identify fraud.
Data: What We Ask for and Why
Roti’s fraud detection system is based on a unique combination of machine learning and human
research and input. The machine constantly searches for patterns and matches, and Roti’s team of
domain experts engage in constant research into transaction data, consumer buying patterns,
technological possibilities and the fraudster ecosystem, feeding that information into the system
to improve it and ensure it is adapted to meet the latest fraudster techniques.
This fraud detection system manages to achieve such a high level of accuracy in decision-making
because of all the work that is carried out on the data. There’s a huge amount of information
embedded in your customers’ behavior, order details, account interactions and so on, and Roti is
able to extract it and leverage it to protect your site, enabling you to trust the right customers
unhesitatingly, while blocking the bad ones. None of this can happen without a rich, accurate
data set to work on and from. Be aware that fraudsters are constantly trying out new ways to
conceal their identity and act in ways associated with legitimate customers.
Validation API
This is the API which receives transaction information and sends back an “approve” or a
“decline” decision. The data that the customer enters or displays at the time of transaction are
extremely important in deciding whether fraud is present or not. At the point of transaction, Roti
will need:
- Payment data - Roti is PCI compliant and does not collect the full PAN number. Data sent
includes the card BIN (first 6 digits), last 4 digits, expiration month and year, issuing
country, etc. - Billing Address if it is collected as part of the checkout flow
- Processor Response Details such as the CVV and AVS results
- Order Amount
- Connection Information such as the user’s IP address, the browser user agent, the Forter
JavaScript token cookie, which is passed from the website, UserAgent, etc. - Recipient information such as the recipient’s name, delivery address, email, and phone
number - Products Purchased (aka: cart items)
- Delivery method
- Discount Details
- Account Information
Comments
0 comments
Please sign in to leave a comment.