Whenever customers are unhappy with products or services, they can request a refund directly from you — the merchant.
This is usually an unpleasant experience, and retailers often go out of their way to avoid issuing refunds. The alternative, however, is much worse.
These dissatisfied customers also have the option of disputing purchases and initiating chargebacks through their banks. The banks then credit those users’ accounts before chasing you down for the outstanding balance.
Since chargebacks are so easy to initiate, customers increasingly abuse this system. Known as “friendly fraud,” these users knowingly buy products and services with the express purpose of reversing the charges later.
Chargebacks don’t require much justification. Something as simple as “I don’t recognize that transaction” will satisfy most card-issuing banks.
Protecting Yourself Against Fraudulent Chargebacks
In brick-and-mortar retail, there are numerous security measures that can help reduce the likelihood of credit card fraud and abuse:
- The buyer must be physically present to provide his/her signature and/or personal identification number (PIN) at the checkout counter.
- With the rise of EMV credit card processing, the customer’s embedded security chip must also be present at the POS terminal. Cloned credit cards aren’t very good at bypassing EMV security protocols.
- Time-stamped receipts make it easier for merchants to match in-person purchases with their security footage for that day.
Unfortunately, none of the above applies to the online world where anonymous shoppers buy products and services without having to physically present their cards. For e-commerce transactions to process, customers need only to provide their credit card numbers and expiration dates. As such, online shopping is precisely where chargeback fraud happens most frequently.
There’s even a name for it — cyber shoplifting.
Is Cyber Shoplifting Preventable or Inevitable?
Chargeback fraud online is very difficult to prevent, but it’s not impossible. There exist a range of security features that can help reduce the frequency of cyber shoplifting. Also, there are steps you can take to more easily spot fraudulent abuse before it negatively impacts your business.
Below are two of the most effective security measures every online merchant should implement.
1. Use an Address Verification System
An address verification system (AVS) allows you to automatically match a customer’s billing address to what the card-issuing bank has on file.
Note that requiring users to supply their billing addresses is an extra “sales” step that could hurt your overall conversion rates. But for most merchants, this is an acceptable risk given that chargeback fraud accounts for $16 billion in annual losses.
On its own, AVS verification isn’t a foolproof security measure. With so much data already freely available online, it’s relatively easy for a thief to scrape a customer’s billing address — even if that criminal has never actually seen the credit card in question.
That’s why you want to weave in an additional layer of security.
2. Request the Card Verification Value
The card verification value (CVV) is the three-digit code on the back of most major credit cards. For Amex users, it’s a four-digit code displayed on the front.
Just as with address verification, the CVV must match whatever the card-issuing bank has on file for that account. If there is a discrepancy, the transaction is automatically rejected.
Again, the card verification value — independently — is not a failsafe security measure. Anyone who handles that customer’s card can easily peek at the back and copy the information. This includes cashiers, wait staff and customer service representatives.
But the likelihood of someone knowing a customer’s billing address and CVV code is very low. Therefore, requesting both values increases the probability that the true card-holder is behind the purchase.
In the event that chargeback fraud does occur, it’s very difficult to prove your case if either of these verification values is missing. Their presence won’t automatically prove that the transaction was legitimate, but their absence will definitely raise red flags with the card-issuing bank.
Additional Layers of Protection to Combat Chargeback Fraud
Requiring users to provide both CVV and AVS values during the checkout process can go a long way in reducing cyber fraud within your online store. It’s a lot harder for customers to pretend they don’t recognize a charge if those purchases required verification values that only the customers would know.
There are additional steps you can take to further shore up your defenses.
For example, an IP fraud management filter allows you to automatically flag purchases made from suspicious locations. Perhaps a user’s billing address is in Rockville, Maryland — but if the purchase is being initiated from a location in Singapore, the IP filter will pause or reject that transaction until you’ve had a chance to look closer.
If you have questions about AVS, CVV or IP verification, schedule a free consultation with our team today.