Credit card information is extremely sensitive, and plenty of villains are waiting to exploit any breach in your security. Online merchants are as susceptible to credit card fraud as face-to-face retailers. Make sure your merchant account provider (MAP) has addressed these issues.

Secure Transaction Data
You must reassure your Web customers that their personal information is safe by processing their orders through a secure server, which encrypts the data exchanged in processing their order. Most of the gateways your merchant account is likely to use encrypt data to prevent message tampering. The current industry standard for secure servers is SSL (secure socket layer), but Visa, MasterCard, and several major banks are developing an alternative called SET (secure electronic transaction). If you are setting up for instant verification, ask potential MAPs about their security systems. If you process your orders manually, you'll need to provide SSL on your own server (ask your Web site host about security if you do not operate your own server).

Prevent Payment Fraud
Fraud prevention can be accomplished in several ways; check with your MAP to see what method they employ. Address verification service (AVS) is one common means of prevention. AVS verifies key components of a customer's shipping addresses against addresses that the credit card issuer has on record for that consumer. Research shows that about 65% of the time, criminals using card account numbers fraudulently do not know the account's related billing address. When an address fails to match either partially or totally, an AVS-enabled merchant will be notified immediately through the authorization code received after the card is entered and can take further steps to verify the legitimacy of the purchase. AVS can verify addresses for Visa, MasterCard, proprietary card, and private label transactions. To find out more and download a "Merchant Guide to Visa Address Verification Services" as a PDF file, visit MerchantService.

MAPs often require that merchants follow guidelines for accepting credit card payments to reduce the risk of fraud, such as obtaining an authorization code and checking the card's expiration dates. When these guidelines are followed, merchants reduce their risk in the event that a credit card is stolen or fraudulent. In most cases the merchant is responsible when a fraudulent card is used and will be charged back the sale amount by the cardholder's bank.

Copyright © 1995-2000 Pinnacle WebWorkz Inc. All rightsreserved. Do not duplicate or redistribute in any form.