Google Answers Logo
View Question
Q: eCommerce and Fraud, how do I minimize my exposure? ( Answered 5 out of 5 stars,   2 Comments )
Subject: eCommerce and Fraud, how do I minimize my exposure?
Category: Business and Money > eCommerce
Asked by: lizardnation-ga
List Price: $10.00
Posted: 15 Apr 2003 16:43 PDT
Expires: 15 May 2003 16:43 PDT
Question ID: 190964

I'm about to embark on a small e-venture that has to do with the
wonderful world of online transactions and the inconveniences for
consumers or risks for merchants that come with it.

From what I understand, most transactions place the burden of risk on
the merchant, even if they only allow those transaction that
successfully pass the address check and the security code on the back
check.  Why is that?

Do I really need to push my clients to fax me a signed document if I'm
going to trade in low profit and high price tag items that I can't
afford to be double crossed on?

I've been told to either take the risk on small amounts or bare losing
those customers whom might not want to deal with me if I insist on
alternative assurances.

I'm looking for two things, one is a required deliverable and the
other a goodie icing option:

Required: Advice and statistics of small businesses with relatively
small ticket items and services and low volumes.

Optional: Services which may narrow or close the gap, just as
insurance companies offering some protection at a premium perhaps.

Thank you.

Subject: Re: eCommerce and Fraud, how do I minimize my exposure?
Answered By: angy-ga on 17 Apr 2003 03:38 PDT
Rated:5 out of 5 stars
Hi, Lizardnation !

As always Aceresearcher has come up with some excellent resources and
links, but I would like to add to them and suggest one partial way
around the problem, based on my own experience.

You will find a great deal of help and resources, as well as chat
lists etc., available if you become a member of Merchant 911. An
active lobby group, their site is at:

Following the articles and discussions for a while makes it clear that
the banks have no incentive to clamp down on internet credit card
fraud, since they make large sums of money from the chargebacks - the
fees they charge the merchant for reversing the transaction when a
customer complains that their card was used fraudulently, or that they
did not receive the goods.

For example, you can find a December 4, 2002 press release by Tom
Mahoney on the site at:

It states:

"Merchant 911, an E-commerce merchant advocate group, announced today
that it has added even more anti-fraud tools to it's arsenal of
weapons against the scum that try to perpetrate credit card fraud.

"We'll never stop them all." said Merchant 911's Founder and Director,
Tom Mahoney, "But we're giving them a good run for their money."
According to Mahoney, the new on-line fraud fighting tools and the
organization's close ties with Card Cops , Merchant Fraud Squad,
Combat Fraud, and the UK based Early Warning , make it clear that
on-line merchants are fed up with rampant fraud on the Internet and
the credit card companies' total lack of interest in cleaning it up.

Mahoney said, "We have merchants blocking entire countries and ISP's
from getting to their E-commerce sites, and that's only the beginning.
There's even talk about merchants sharing bad card and known scammer

Mahoney says that the card companies and processors don't do good
fraud screens and won't provide merchants with the information they
need to do it. Mahoney goes on to say, "What choice do we have? As
long as the credit card industry profits from fraud, they are not
going to help us. We have to do it ourselves - and we can certainly do
it better." "

Members share information about fraud attempts, and support each other
in attempts to prove purchases were made by clients who later claim
that they were not.

Sometimes chargebacks are instigated on genuine transactions. For
example you receive your credit card account and you have no idea who
biller MSK is. You've forgotten that it's your attorneys McMurdoe,
Selvedge and Klung, especially since you always deal with the new
partner, Ms. Fairweather. You phone your credit card provider to find
out who the biller is. Sometimes, instead of simply telling you, they
automatically put a chargeback in place, reversing the payment to MSK
and also charging them a hefty fee for the reversal (a chargeback). If
MSK notch up too many chargebacks, they may lose their merchant credit
card facilities.

That said, you need to assess the likelihood of your particular
business attracting a high proportion of fraud. Low priced computer
hardware desirables are likely to attract more fraud attempts than
low-priced personalised baby bibs, for example.

However, if you are willing to pay a commission in order to avoid
coping with these problems directly, you might consider using a third
party service such as Worldpay or Paypal who assume some of the risk
for you, though their process of getting the customer to set up a
special account with them is off-putting for some, and Paypal has been
the target of recent criticism. See the Pay Pal Fraud and Complaint
Forum at:

Note: DON'T go to the forum if you don't like on-line swearwords.

If you wish to process sales outside of the USA you will need a third
party processor who deals in multiple currencies. I've mentioned
before in other answers that I investigated a number of these for my
own company in 2001 and finally came down to two third party processor
services, both based in the USA, whose costs seemed reasonable. I then
emailed a number of their overseas merchants to see how happy they
were with the service, and both showed up well.

These processors essentially act as your online retailer, which means
problems with fraudulent credit card use are their problems, not
yours. . Their fees are not additional to any merchant card fee. It
also means that your prices displayed in US$ appear on the client's
account charged in US$. The conversion only comes in when the provider
pays you.

We eventually went with CCNow. Their site is: 

They offer a shopping cart which is very simple to set up, they claim
to promote your site, and you have a lot of control over where and
when your money will be sent. The arrangement with them can be
terminated at any time - there is no contract length. They have a
monthly fee of US $11.95 which is for inclusion in their monthly
Promotional Programme: "Your Web site will be found in the search
results of over 125 of the top search engines including America Online
and Microsoft Network."

I have to say looking at my stat log files I cannot see any evidence
of our being visited by search engines other than those I have myself
submitted to, but there may be overlaps. Their other charges for
overseas clients are:

"Monthly Sales Volume Retail Margin $0.00-$100.00 NONE
 $100.01 and above 11% of your total sales in excess of $100.00 

" Note that: "* During the initial 30 day trial period you will not be
charged a $9.95 monthly promotional fee ($11.95 monthly promotional
fee for International clients). You will be charged a flat 9% retail
margin (11% retail margin for International clients) on each sale made
through CCNow. "

However CCNow pays you interest at the rate of 1.5% APR on funds
sitting in your account.

We felt their charges were more or less offset by the fact that sales
were free of local sales tax, and they seem very professional.

Have a look at their very strict returns policy, however, and see if
that suits you.

They do not accept "adult" sites and deal only in "tangible"
merchandise ie: "physical products that are shipped to the Online
Shopper's physical address".

They state: 

"This policy helps CCNow to maintain our low retail margin. Tangible
merchandise incurs a much lower rate of inquiries, disputes, and fraud
than service-based sales or electronically delivered products." They
also do not allow sales of such things as drugs, explosives, live
animals and alcohol.

We were also impressed by 2Checkout at: 

which charges a US$49 Merchant Account Setup Fee , then $0.45 per
Transaction plus 5.5% of Transaction Amount. There are no monthly

They boast: "FREE Check Payment or Low Cost Wire to Non US Bank
Accounts FREE Shopping Cart! FREE Code For Your Site FREE Tech
Support! "

They support recurring billing and do permit the sales of downloadable
products such as ebooks, music etc. Again there is no commitment to a
term - you can leave them when you want. They accept cheques. They
have similar restrictions on the sale of animals, pornography, psychic
readings and firearms etc. but will provide information on how to sell
"hard to place products".

As it turns out, since our product has not sold as well as we hoped,
we would have done better to go with them than CCnow with its monthly
"promotional" fee.

You might also care to look at Linkpoint at: 

American Express, MasterCard, Visa, Discover, Diners Club/Carte
Blanche and JCB are supported, as well as electronic cheques. They
seem comprehensive, but much more complicated to set up and their
pricing structure is only available by contacting their sales
department, which always annoys me, especially when I get an
autoresponder reply.

Good luck with your project.

Search Terms:

Paypal fraud

Otherwise I was relying on the research I did some time ago, although
I went directly to each site to make sure the information I have given
is still current.

Request for Answer Clarification by lizardnation-ga on 17 Apr 2003 05:41 PDT
Hello Angy,

Thank you for the information, it is surely very valuable.

I did mention that I was interested in statistics having to do with
small businesses and fraud, have I overlooked where you may have
mentioned that in your answer?

I'm looking at Linkpoint as well.

Thank you.


Clarification of Answer by angy-ga on 18 Apr 2003 00:11 PDT
Sorry, I didn't make it clear.

Merchant911 - as well as supplying much support and good advice, and
various tools to help you minimise your risk, also provides links to
lots of articles and statistics, both on the site and through the chat

Here are a few that may be of interest:

An excellent article on Internet Fraud Statistics is on CCbilleu's
site at:

It is a PDF file so I cannot cut and paste, but it is compiled from a
variety of sources, and links to those sources are given at the bottom
of the article. It is very comprehensive and has excellent charts, and
among other things points out that risk is greatest for merchants
having high volume transactions, merchants selling digital content or
software downloads online, merchants selling high cost, easy to resell
goods such as electronic items, and merchants with a high proportion
of cross-border sales.

An article by Edgar Dunnon Epay News:

"Mar 27 2003 : Chargebacks on card payment transactions currently run
at about 0.20 per cent of transaction volume....while end-to-end
processing costs average almost USD 50 per chargeback. Credit card
firms spend almost USD 8 billion per year in the US alone, and up to
USD 12 billion globally to handle these chargebacks, which are being
fueled by unprecedented growth in identity theft and online card
fraud. Chargeback processing, losses and costs comprise about 15 per
cent of overall card issuing operational costs, and about 25 to 30 per
cent of card acquirers’ operational costs..."

You will also find Emarketer a great source of statistics in the
articles which are free to view, print or email. Scroll down and on
the left you will also find you can subscribe to a free daily
newsletter and "Today's Article" is free to view or print out. You are
also able to buy individual reports. If you are willing to subscribe
$500.00 for thirty days or $2500.00 a year -  (I'm not)- you can get
access to all their information. They are at:

An article on Net Fraud at:


"The 2002 Internet Fraud Report ...indicates that 36,662 of the 48,252
cases of fraud processed by the IFCC last year were reported with some
sort of monetary loss. The IFCC finds that 46.1% of the complaints it
received in 2002 were auction-related, 31.3% were related to the
non-delivery of merchandise and/or payment and over 11% were related
to the notorious Nigerian letter scam."

I hope this gives you some good sources.
lizardnation-ga rated this answer:5 out of 5 stars
Pretty good answer Angy, did it for me. :-)


Subject: Re: eCommerce and Fraud, how do I minimize my exposure?
From: aceresearcher-ga on 17 Apr 2003 01:48 PDT
Hi again, lizardnation!

It is always great to see one of our best Customers again!

One of the better ways to reduce your risk of fraud is to make sure
that your shopping cart / credit card verification software requires a
valid Credit Card Verification Code (usually printed on the signature
strip on the back of the card), and sometimes referred to as CCV, CVV,
CVV2, or CID:

From the AssureBuy Industry Information site's article "Five Tools You
Can Use to Prevent Fraud", By Julie Fergerson, Co-Founder,
ClearCommerce Corp (reproduced from

"3. Card Verification Codes 

Card verification codes (known as CVV2 for Visa, CVVC for MasterCard,
and CID for American Express) are a fairly new way of verifying that a
credit card is valid. For American Express, the code is a four digit
number that appears on the front of the card above the account number.
For Visa and MasterCard, the code is a three digit number that appears
at the end of the account number on the back of the card. The code
does not get printed on any receipts.

As a merchant, you can ask for this code on your online order form. In
fact, MasterCard will require merchants to collect this information as
of April 1, 2001."

This white paper also discusses the security measures
"1. Real-Time Credit Card Authorization...
 2. Address Verification Systems (U.S. Only)...
 4. Rule-Based Detection...
 5. Predictive Statistical Models..."

and includes a cost-benefit analysis of the various methods.

You may want to perform free registration at the Merchant Fraud Squad
and take advantage of their information and other resources on
preventing e-commerce fraud.


Subject: Re: eCommerce and Fraud, how do I minimize my exposure?
From: lizardnation-ga on 17 Apr 2003 05:10 PDT
Hello Aceresearcher,

I appreciate the background on the CVV information.

Till a few days back, I was under the false impression that having
verified the address and CVV would make it difficult for a chargeback
to be requested by the user based on the assumption that if the
Address and CVV parameters get verified, that means the customer at
the website knows those pieces of information and if they are not the
owner of the card and the card is not reported stolen, it would assure
it to be the responsibility of the card owner.

Why the above is not valid, I don't know although it sounds logical.

Thank you for all the free information, I surely benefit from it in
more ways than is apparent.


Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at with the question ID listed above. Thank you.
Search Google Answers for
Google Answers  

Google Home - Answers FAQ - Terms of Service - Privacy Policy