Fighting Fraud and Reducing Chargebacks
It is not possible for you to avoid fraud or chargebacks completely. However, the following tips and procedures could help you reduce the number of retrieval requests and chargebacks you may receive.
Your website should display the following information:
Delivery of your product / service
You should retain documentary evidence of the delivery, together with a description of the goods/services supplied, for a minimum of 12 months. Do not despatch goods by whatever means (including online delivery) to a third party address (that is, an address other than the cardholder's address) - this is considered to pose a higher risk of fraud. When delivering the goods, obtain the cardholder's signature to show proof of delivery. If possible, take an imprint of the card at this point.
Product quality / customer service / refund policy
You should ensure that:
- Your products are of high quality and reflect exactly any claims or promises made in your sales literature; this is governed by sales of goods legislation in most jurisdictions
- Delivery of your product / service is prompt and within the timescales advised to the cardholder
- You have a refund policy and honour it
- You respond quickly to retrieval requests and chargebacks
Refunding the transaction
You can refund a transaction. However, once you receive an RFI or a chargeback, it is too late to refund the transaction. If you do so you risk losing the money twice. It is also contrary to of card scheme rules to issue a refund for a transaction that has entered the retrieval and chargeback system.
We would highly recommend that you refund any transaction flagged by the issuer as 'High Risk' to reduce the chance that a subsequent chargeback will be issued.
Often, the most effective tool against transaction fraud is to review each transaction manually. The following unusual circumstances may indicate a transaction fraud:
- Being requested to ship orders outside your own country, especially to known centres of internet credit card fraud such as the ex-eastern bloc or developing countries with undeveloped banking systems.
- Orders that are outside your norm, for example multiple purchases of an item normally only ordered singly (e.g., 10 copies of the latest Dizzee Rascal CD, or even 2 television sets), or purchases that vastly exceed the average value of normal orders. Where you have regular purchasers, you should query orders outside their norm.
- You should be wary of orders placed by purchasers in the middle of the (their) night. Again, these may be legitimate, but some may lead to chargebacks.
- A customer ordering unusually large amounts of an item without any preference for the size, colour, make, or model.
- An existing customer who suddenly orders a substantial volume of goods.
- A customer who provides you with more than one card to cover one order or a set of orders.
- A customer who orders more than once in a given day.
- A first-time customer ordering a number of goods quickly.
- A number of large orders from customers at a trade show.
- A customer who has attempted the same transaction more than once, with the card failing at the first attempt.
- A customer who refuses to confirm their credit/debit card and billing address details.
- Avoid free email addresses such as hotmail.com and yahoo.com as much as possible, as they can not be traced back to the owner.
- Unusual origins, e.g., a U.S. - issued card is offered during a session from an Egyptian-based customer with a delivery address in Italy.
- Re-tries, in which a person enters multiple credit card numbers until an authorisation is obtained.
Practical advice on avoiding fraudulent chargebacks
There are a number of things that you can do to reduce your risk.
Require that the customer send you a signed fax, preferably with a photocopy of the front and back of the card, so that you can check the signature. Your website should allow the user to automatically print the order form, so it only needs to be printed out and sent.
Arrange for the customer set up an account first and either check with the issuing bank of the credit card that the provided address is correct, or have the customer fax a copy of their latest credit card statement and/or passport/driving licence.
Verify the use of the credit card to the customer's actual postal address by other means than email, such as a letter, phone call, fax, or SMS message, to reduce the level of fraud risk.
Implement a rule-based order-checking system to eliminate typical scams from your web site.
Use AVS or a third-party address-checking system (e.g., Equifax, 192.com) to ensure the customer's address is verified. Avoid shipping to an address different from the billing address.
If you must send goods to a shipping address that is different from the mailing address associated to the consumer's credit card, we suggest that you call the consumer and have them fax a copy of at least one bill from the address, or a copy of the driver's licence of someone who lives at address that was provided. We recommend that you never ship to P.O boxes.
Check each transaction against previous transactions for a given credit card and check for any anomalies.
Avoid shipping to countries such as those with known high levels of fraud.
When delivering goods, obtain the cardholder's signature to show proof of delivery. If possible, take an imprint of the card at this point.
Retain documentary evidence of the delivery, together with a description of the goods/services supplied, for a minimum of 12 months.
Chargeback and Anti-Fraud Guide
The Chargeback and Anti-Fraud Guide will give you an overview of what chargebacks are and how to protect yourself against fraud.
Download the Chargeback and Anti-Fraud Guide (PDF 154 KB)