Frank Remarks: A Penny Saved Is a Penny Earned: Preventing Online Fraud
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Many years ago and before the arrival of the public Internet, when I had my own computer mail order company, I finally reached the end of my patience. I was fed up with the credit card fraud that was perpetrated against our company. We complained to our bank, our credit card clearinghouse, and directly to the Visa and MasterCard companies, but all we got for our troubles were shrugs and an attitude of, "Well, don't take credit cards."
Yeah, right!
As with the Net today, that option was no option at all, since you can't run a successful mail order business without taking credit cards. We realized that if we were to stay in business we needed to protect ourselves. And if your e-commerce company takes credit card orders over the Net, that's what you have to do, too. But more of that later.
Wait a Minute...Who's the Bad Guy Here?
Before the onset of e-commerce, credit card companies preferred not to give merchant accounts to companies that were deemed MOTO—Mail Order/Telephone Order companies. Trying to get any cooperation or help from Visa and MasterCard in case of credit card fraud was like trying to get blood from a stone. American Express was better; they took the side of the merchant first and the cardholder second. Not so with the other cards. If a MasterCard or Visa cardholder had a problem with a mail order company, that company was deemed guilty until proven innocent, and the business had little or no recourse for getting their money—or even getting back their product!
Times have changed since my little run-in with the credit card companies. When the dot-coms hit the web, Visa and MasterCard initially decided to treat them the same way they treated other MOTOs. But that tune quickly changed. Companies like First Virtual and CyberCash created the first forms of web-based use of credit cards and fired a warning shot across the bows of the credit card companies. Suddenly they saw themselves being "Amazoned" by these online upstarts, and they scrambled to respond.
Visa and MasterCard now actively promote the use of their cards online. And for good reason—there has never been a recorded incident of an individual's credit card data being stolen while being securely transmitted over the Net. In fact, there is more of a risk in having your credit card stolen offline than online.
All well and good. But when the Internet was first booming, media headlines were screaming about consumer safety and the possibility of credit card numbers being stolen during the online purchasing process. As you can see, this didn't happen. With all of the systems being put into effect to ensure consumer safety, however, the credit card companies neglected to protect the merchants from the consumers. And unfortunately, there still is no protection. Your business must assume the responsibility for protecting itself.
Any person experienced in e-commerce knows that building an online business takes a lot of work. Nothing can be worse than seeing all your hard work lost through credit card fraud. Why doesn't your bank protect you against fraud? Because your merchant agreement with them says that they can't. It's that MOTO thing again. Transactions by merchants on the Net fall under the heading of MOTO. Most credit card merchant account agreements leave you, the merchant, 100% liable for fraud committed at your web site. And that's not all. You're also required to pay the $15–$25 chargeback fee that the bank hits you with when the charge on the customer's stolen card is reversed by his or her bank. And if you accrue too many chargebacks, your merchant account can be terminated. After one is terminated, it's nearly impossible to get another merchant account.
Not a pretty prospect. And knowing that you're likely to experience an attempt to defraud you sooner or later darkens the picture even further.