The right ecommerce platform makes it easy to thwart cyber thieves from placing orders in your online store. Following are four options to consider:
Prevent – The first step is to remove the ability of someone to use your online store as a mechanism to test stolen credit card numbers. While your Gateway provider will provide credit card authorizations (this is what the “bad guys” are looking for) you can limit the number of attempts that someone can make when submitting their credit card info. Two or Three attempts is enough for a legitimate customer to accurately enter their credit card info, yet will quickly frustrate someone simply looking to test stolen card numbers.
Require – Be sure to require that customers provide their Card Validation Value (CVV) code when ordering, as it is unlikely that someone with a list of stolen credit cards would also have this information. At this point, most customers know where to find the CVV value on their card so this is no longer a barrier to an online sale. Due to PCI compliance, the CVV value cannot be stored so be sure that the ecommerce platform you are using is compliant.
Compare – Ideally your ecommerce platform will automatically flag orders when the IP address where the order was placed does not match the bill to location of the order. While an IP mismatch does not necessarily indicate fraud (for example, a legitimate customer could place an order while overseas on a business trip) it is a good tool for a merchant to decide if an order looks suspicious.
Block – If you suspect or see fraudulent attempts originating from countries where you do not conduct business, simply block them so that someone in that country cannot access your store in the first place. Many U.S. based business do not have the ability to ship their products to a whole host of countries, so why not block access in the first place? As an added security measure, block access to your admin system from any country that your business is not physically located in.
For merchants using Nexternal’s ecommerce platform, all of the above can be accomplished in minutes. The Maximum Number of Attempts and the CVV Requirement are located in Settings/Compatible Software/Authorization Preferences. Countries can be blocked in Settings> Anti-Fraud and Security, and all orders will automatically be flagged if they have an IP mismatch.
A few simple steps are all it takes to move your business from one that worries about fraud to one that focuses on growing its business.