With the growth of the worldwide web and internet users, online shopping, due to its varied benefits has become a norm of the day. While online merchants are reaping its benefits, they surely are facing a major hurdle with ‘chargebacks’ and other losses, due to the increasing occurrences of Credit Card frauds!
Even after a Credit Card processor or registration service approves an order, the merchant should perform additional checks at his/ her end as fraudulent orders are sometimes approved. Online merchants need to develop safeguards to prevent fraud and thereby reduce their losses.
Whois data can help bring suspicious orders to your notice, which should then be probed further to verify their authenticity. Merchants can customize various data points to raise red flags for each transaction. Some of the preventative methods and post-order procedures that merchants can perform using Whois data to minimize Credit Card fraud are as follows:
Checking domain of the e-mail address
Checking on the domain name (provided in the email address after ‘@’) for various parameters can be very useful. In case the domain is newly registered or is about to expire, then chances of it being made to undertake fraudulent activities are usually considered high, as per cyber security statistics. In such cases, investigating further would be recommended.
Manually checking the domain can also help to know if it’s legitimate. A website that doesn’t exist or is under construction should raise suspicions too.
Checking Registrant name
Registrant name in the Whois Record could be an important point of verification for fraud. Mark discrepancies by comparing the name of the person who has placed the order with the Registrant name. Also, if the Registrant name in the record is incomplete like Mr. Bond (no first name) or seems like a fake name like James Bond (yes, very classy), these could be parameters that could raise red flags and require looking into.
Checking the address of the registered domain
If the address of the registered domain is in a high-risk country, the merchant should be cautious. High-risk countries include developing nations like Indonesia, Malaysia, Benin, Nigeria, Pakistan, Israel, Egypt, and Eastern European countries. In the case of such orders, especially if they are high-cost orders, only after verifying the authenticity of the order, should merchants get into processing them.
Billing/ shipping address difference
If the billing/ shipping address and the domain registered address are in different countries or differ vastly or even a registered address which may seem fake like 123 Centre Street, then there can be chances of nefarious activity, which should raise red flags.
Checking Registrant Details
With Reverse Whois search, a query can be made on the Registrant and all the domains owned with their details can be retrieved. If these domain details don’t match up or seem bogus, then merchants should probe further in such cases.
Online merchant should develop various rules suiting their unique business model to determine cases that they would like to be flagged; eg. Billing and shipping address should not be more than 1000 miles apart in general, there are higher chances of fraud in electronics, gifting items should not have same billing and shipping address in general, etc.
Also, they should have a policy of not shipping any order until the orders are verified by their additional checks. A confirmatory email of the order should be sent, explaining additional checks are being performed to reduce fraudulent orders.
Conducting further checks depending on the size of the business should ideally not take as much time. Various ways in which, at least, small and medium sized merchants can verify orders that have raised a red flag are:
- Calling the customer directly to verify if the order has been placed. Usually, fraudsters will refrain from giving their real number.
- Calling the Credit Card processor to verify details. In case there is still an iota of doubt, details of the Card issuing bank can be gotten by providing your basic details as verification. You can then call the issuing bank and confirm with them. You can also ask the card issuing bank to make a courtesy call to the customer to verify the charge.
These steps may take some time and cost a little bit of money to the merchant, but in return it increases the merchant’s profits by reducing fraud loss, improving operation efficiency and increasing revenue.