Fraud Prevention & Screening Payment Gateway

WHY IS FRAUD PROTECTION SO ESSENTIAL?

Combatting the ever-growing numbers of card and data breaches around the globe should be a top priority for every business accepting CNP (card not present) payments. Any ecommerce or MOTO merchant needs to choose a payments provider with excellent fraud prevention solutions to ensure that their customers’ data and assets are protected.

In certain cases, fraudsters holding stolen card data may make purchases on your website. As an unsuspecting merchant, you will deliver the product before the fraudsters open a dispute and request a reimbursement (chargeback). You may be left without the product and without payment. In addition, the payments provider or acquiring bank will learn about the fraud and may terminate your merchant account on account of your breaching specific chargeback thresholds. You'll be put on a blacklist, meaning no chance for applying for a new merchant facility with other banks.

Source: fico.com

Losses in the billions
In Europe, losses due to fraud reached approximately 1.8 billion EUR in year 2016. The UK experienced the highest losses for a single country, where in 2015 the total loss was 646 million EUR and in 2016 this increased to 703 million. The UK and France alone contribute almost 75% of all card fraud in Europe.

Rising fraud trends
Based on data from Euromonitor International and the UK Cards Association, the card fraud losses across 19 European countries show that CNP (card not present) fraud increased from 50% of all fraud losses in 2008, to 70% in 2016.
European Fraud Map (fico.com)
Card Fraud in the UK (2017 FFA UK)

Standard Checks

Card Verification Code

This is a 3-digit code printed on the back of cards, and was one of the first security measures introduced with rise of fraud in online payments. Payment Card Industry (PCI) compliance standards do not allow merchants to store CVV codes, therefore in the event of card data being stolen these codes will not be obtained by the fraudsters. The payment gateway will not accept a payment when the CVV code is missing, as without it there is a high possibility of the transaction being fraudulent.

3D Secure

Verified by Visa and Mastercard SecureCode are essentially identical services for each card company. The process by which they function is known as 3D Secure and involves a redirect to cardholder's issuing bank website during the checkout process. At this point a special password needs to be entered. This is usually a PIN generated by a card reader, or a code sent by SMS. This extra security measure adds another essential safety net in protecting merchants’ customers.

Expiry Date

Although seemingly obvious, the required entry of a card’s expiry date is still an important tool to verify the card. Typically, the card issuers set an expiry date of up to 3 years. If the transaction request - received online or via phone order - contains an invalid month and/or year, the card issuer will not approve the transaction and it will not be successfully processed by the payment gateway.

Address Verification

An Address Verification Service is used to verify the address and postcode, as entered by the shopper, with the proof of address that card issuer has (the address to which card statements are sent). If there is no match, or only a partial match, it may indicate that the shopper is not the actual cardholder. In Europe, AVS is only widely supported within UK.

Optional Extended Checks

Velocity controls

Velocity checks are based on shoppers’ purchase attempts within a certain period of time. For example, if a would-be customer tries to place an order 3-5 times in a row, with each unsuccessful attempt, further attempts will be blocked.

BIN country match

The first 4 digits of a card number (BIN code) reveal it's issuing bank/institution name and country. If the actual location of an online shopper (IP country) is different than the BIN country, the transaction will be flagged or blocked.

Name changes

A customer’s name, address and email are compared across the entire payment gateway database. Excessive changes - for example, if the card number has been used in the past with other names or email addresses, the attempt will be blocked.

Blacklists

Any card numbers or other details, such as a cardholder's name/address, which have been flagged in the past and put on the ‘blacklist’, will be blocked by a fraud scrub filter automatically. This applies on a global scale on gateway services for all merchants.

Free email accounts

Statistically, fraudsters attempting to process stolen cards online will most probably use a free email account. If such an email address is detected, the fraud filter will give it a higher fraud score, indicating a possible fraudulent transaction.

Unusual activity

A combination of excessive changes to submitted details, usage of different card numbers or payment methods, repeated payment attempts or general suspicious activity will raise a user’s fraud score, giving the merchant the option to reject such a transaction.

GLOBAL CARD PROCESSING MERCHANT ACCOUNTS ECOMMERCE MERCHANT ACCOUNT POS PROCESSING HIGH RISK MERCHANT ACCOUNT GAMBLING ADULT PAYMENT GATEWAY MOTO / VIRTUAL TERMINAL

APPLY NOW RATES & FEES INTERCHANGE++ RATES FRAUD PROTECTION CONTACT US ABOUT US REQUIRED DOCUMENTS BLOG

UK: Dashwood House L17, 69 Old Broad Street, EC2M 1QS London
Netherlands: Gustav Mahlerplein 2, 1082 MA Amsterdam
E-mail Us: support@merchantscout.com
London: +44 (0)20 3289 2405
Amsterdam: +31 (20) 893 2835

MerchantScout offers global high risk card processing services for a wide range of industries, through an extensive global acquiring network of processing and banking partners.