At Skipjack, we know that you are concerned about fraud. So are we. That’s why we are offering the following information, so you can implement the processes and tools to help you lessen the risk of becoming a victim of fraud. We strongly suggest that you read through this section carefully as well as the related documents mentioned in the text. If you have further questions, we’re here to help.
Recognizing Fraudulent Activity
Two common types of fraud which appear to affect ecommerce merchants with great frequency are:
Credit card testing fraud occurs when multiple small dollar amount transactions are posted to a merchant’s account using stolen credit cards or randomly generated card numbers. The purpose of these transactions is to identify valid credit card numbers that can subsequently be used to perpetrate purchase fraud (see below). The dollar amounts are typically low because the individual(s) committing the fraud want to minimize the amount of available credit used on valid cards. These fraudulent transactions can be costly to the merchant due to banking fees and the risk of chargeback fees.
Purchase fraud is a purchase made from a merchant using a stolen credit card number. These purchases can be costly to the merchant due to chargebacks and loss of the merchant's product (and associated costs). Excessive chargebacks can result in a merchant losing his or her merchant account privileges. Suspect transactions possessing one or more conditions listed below should be carefully monitored by the merchant, and orders should be validated prior to shipping the product.
- False-sounding name
- Shipping address is different from the billing address
- Email address is from a free email service, such as Hotmail
- Email address is not the same as the customer’s name or contains random characters
- Order is international and is from a high risk country, such as Nigeria
- Incorrect phone number
- Repeat purchase attempts using the same credit card number
- High quantity purchases
Skipjack and Fraud Detection and Prevention
You should review your Skipjack account on a daily basis for signs of fraudulent activity. This will help reduce the risk of falling victim to fraudulent activity on these accounts. Skipjack also offers the following fraud detection and prevention services listed below.
To configure your fraud services, please call 888-368-8507 extension 1 , and a support representative will enable these for you.
AVS – Address Verification Service
AVS helps reduce fraud instances by filtering transactions whose numeric billing street and/or zip/postal code address does not match that on file with the card issuing bank. Skipjack offers both domestic and international billing address verification. AVS filters are configured by selecting “yes” or “no” for each AVS statement. Skipjack will decline an approved transaction if it fails an AVS filter. To learn how AVS works, click here.
Velocity™ is an effective tool for preventing multiple transaction fraud attempts. Merchants can be notified via email of suspicious activity on their Skipjack account as well as reject transactions according to quantity and dollar limits. To learn about Velocity™, click here.
CVV Required Field
Skipjack can enable a setting on merchants’ accounts so that the CVV (Card Verification Value) is a required field to process transactions. The CVV is a 3-digit security code on the back of MasterCard, Visa, and Discover. American Express has a 4-digit code located on the front. Requiring the CVV ensures that the customer is in physical possession of the credit card. In most cases, the card issuing bank will decline a transaction that does not have a valid CVV value. To learn more about the CVV, click here. The payment interface must be designed to allow customers to enter the CVV value at the time of payment.
Supplemental Transaction Authentication - Passing the Developer Serial Number
Merchants can send an additional 12-digit alphanumeric data field known as the developer serial number to Skipjack with each transaction. The developer serial number can be enabled to be a required field. This will eliminate the ability for someone to “guess” the correct serial number/authentication number combination to process unauthorized transactions through a merchant’s account.