Scram, Scam! If you sell on the Web, know that fraud is part of the e-commerce game. Don't let thieves get the best of you.
Opinions expressed by Entrepreneur contributors are their own.
Keith Peer, owner of Central Command Inc., knows all too wellthe risk of doing business on the Web. An online software merchantnear Cleveland, Central Command offers antivirus software toconsumers who have been attacked by hackers, crackers and otheronline scammers. Before Peer set up his Web site back in 1994, hetook several precautions to make it as virus- and fraud-free aspossible. His first step was to choose an e-commerce vendor whosesystem came complete with software to check for fraud.
Peer also did some checking of his own, keeping a close eye ontwo kinds of buying activities that could indicate fraud. Oneindicator was the purchase of multiple licenses without testing thesoftware. (It's common practice for software buyers to downloada free trial version before making a multiple purchase.) Anotherindicator consisted of orders from areas with high incidences offraud, such as Miami, Los Angeles and former Soviet Unioncountries. In both cases, he'd check and recheck credit cardnumbers to ensure they were legitimate.
Today, Peer's Web site is virtually fraud-free, but he stillhasn't let down his guard. "As soon as we went online, westarted experiencing attempts by consumers to use fraudulent creditcard numbers," says Peer, 33. "And we still see the sametraits over and over. It's an ongoing problem, but it's afact of life in the e-commerce world today."
Like Wildfire
Indeed, fraudulent "card not present" transactions arecommonplace on the Internet. Here, scammers obtain credit cardnumbers from stolen, used credit card slips and then make purchasesonline. When the credit card owner receives his statement anddisputes the transaction with his bank, the bank requires themerchant to provide a proof of purchase with a signature. If themerchant cannot produce a signature, the bank awards a chargeback,which credits the consumer's account and debits themerchant's account.
Some people who appear to be legitimate customers might actuallybe scammers who purchase products with credit cards and thendispute the charges, hoping to get their money back while keepingthe merchandise they've purchased. In these kinds of cases, themerchant loses both merchandise and money and may even incur achargeback fee.
"Merchants are 100 percent liable for every credit cardtransaction they accept, and they have very few rights in the eventof a chargeback where there is no signature," says StevePeisner, president of Shared Information Systems Ltd., an identityfraud and electronic shoplifting detection consulting firm.
Web merchants with a high incidence of fraud or more than 1percent of chargeback rates have been barred by card issuers fromaccepting credit card transactions at all. Many Internet merchantshave had their merchant privileges suddenly revoked, putting theminstantly out of business. "If you get a lot of chargebacks,that suggests your business isn't legitimate," says AudriG. Lanford, an Internet scams expert and co-editor of thenewsletter Internet ScamBusters. "Since all thesepeople are claiming there is a problem with their orders, yourbusiness can be perceived negatively."
Don't Get Carded
Despite the statistics, you can easily prevent your company frombecoming a victim of credit card fraud. Besides taking extra stepsto validate each order, check out the plethora of Web-basedservices that help combat fraud. Peer employed a fraud-detectionservice from NetSales Inc. (http://www.netsales.com) that detectsthe possibility of fraud and prevents fraudulent orders fromentering your system. Other companies that offer similar servicesinclude CyberSource Corp. (http://www.cybersource.com), HNCSoftware (http://www.hnc.com) andShared Information Systems Ltd. (http://www.nochargebacks.com).
Here's how these services work: After a consumer types inhis or her card number and address information, it's checkedagainst a database of credit card transaction information to see ifthe card has had any negative activity associated with it. It alsochecks for risk components, such as where the transactionoriginated and how often the customer has used the credit card insuccession. The system then generates a score that indicates theprobability for fraud. It's possible to set thresholds at whichthese systems either accept or reject transactions according to acertain score. You can also set them up to obtain additionalinformation, such as why a card was rejected. All thesefraud-prevention companies claim that they can cut down your fraudrates to extremely low percentages. To enlist a company'sservices, it'll cost you around 5 cents to 40 cents pertransaction, along with a onetime sign-up fee of $1,000 to $1,500and a monthly service fee of about $100 to $200.
But Wait, There's More
While these security measures may seem a bit extreme,they're essential to your company's survival, consideringthe current chargeback statistics: A recent report from IT researchfirm The Gartner Group indicates that approximately 15 percent oforders made on Web sites result in chargebacks, compared with 1percent from point-of-sale transactions.
Experts suggest credit card fraud will only worsen as Internetusage and e-commerce continue their rapid expansion in the newmillennium. There are already software programs out therethat'll allow hackers to generate a stream of phony credit cardnumbers that they can get away with using for short periods oftime. And the Web is increasingly being used to test stolen creditcards to see if they can be used for purchases at brick-and-mortarstores, say experts. Bob Fraser, CEO of NetSales in Overland Park,Kansas, offers this dire prediction: "Once people figure outhow easy it is to perpetrate credit card fraud, we're going tosee an explosion of Internet fraud like we've neverseen."
The time to start preparing for that explosion is now.
Hot Disks
- Storefronts A Go-Go:Nontechies can now easily create andmanage customized electronic storefronts through their Web browser,thanks to Miva Corp.'s Miva Merchant electronic storefrontsystem (http://www.miva.com).Miva Merchant integrates product maintenance, category management,shopping basket, order and credit card processing, and the abilityto create and maintain single or multiple online stores, amongother functions. In addition, the system ships with open sourcecode, giving advanced developers the ability to manipulate theunderlying, XML-based scripting language, Miva Script, to createhighly customized commerce sites. The $495 system must be installedon a Unix or Windows Web server along with the Miva Engine.
- Get On Target:SmartAge Media Buyer (http://www.smartage.com) is a servicethat allows small and growing businesses to place low-cost,targeted banner ads on Web sites that are part of the InfoAds,Excite, Talk City and SmartClicks networks. For as little as $100(depending on the number of ad views you want), you can get yourcampaign up and running, then track your results using MediaBuyer's daily, weekly, monthly and quarterly reports.
Friend Or Foe?
Has your Web site been an asset to your business? According toIBM's Small & Medium Business Internet Survey ofsmall and midsized businesses, conducted in 1994 and 1999, itprobably has. The survey found that 93 percent of small-businessexecutives regarded the Web as an asset this year, compared with 74percent in 1994. In addition, the survey found that the number ofexecutives who described the cost of Internet access as excessiveis substantially lower now than it was five years ago.
Busted!
Reducing credit card fraud can save your company thousands ofdollars. Here's a list of eight sure-fire strategies anyentrepreneur can use to reduce credit card fraud, according toAudri G. Lanford, an Internet scams expert and co-editor of thenewsletter Internet ScamBusters (http://www.scambusters.org):
1. Take extra steps to validate each order. Don'taccept orders unless complete information is provided, includingthe full address and phone number.
2. Be wary of orders with different "bill to" and"ship to" addresses. Require anyone who uses a different"ship to" address to send you a fax with their signatureand credit card number authorizing the transaction.
3. Be especially careful with orders that come from freee-mail services, such as hotmail.com, juno.com and usa.net.There's a much higher incidence of fraud from these servicesbecause it's easy for a scamster to open a free, anonymouse-mail account in another person's name and then send you anorder using a fake e-mail account and a fraudulent credit cardnumber.
4. Beware of orders that are larger than your typical orderamount and orders requesting next-day delivery. Of course, somepeople have reasons for placing large orders or using next-dayservice--but you should still be cautious. Crooks don't carewhat it costs since they aren't planning to pay for itanyway.
5. Examine international orders carefully. Do everythingyou can to validate the order before you ship your product to adifferent country.
6. If you're suspicious, pick up the phone. First,obtain the phone number that's listed with the billing addressof the cardholder. Then call the cardholder so you can determinewhether he or she placed the order.
7. Use software or services to fight credit card fraud.
8. If you have the misfortune of being scammed by a creditcard thief, contact your merchant processor immediately.
Melissa Campanelli is a technology writer in Brooklyn, NewYork, who has covered technology for Mobile Computing &Communications and Sales & Marketing Managementmagazines. You can reach her at mcampanelli@earthlink.net.
Web Site
By Robert McGarvey
Still stymied about the how-to of creating your own Web site? Orstuck with a site you know doesn't adequately reflect yourbusiness but aren't sure how to buff it into perfection? VisitWebSite101, a free resource that gathers together a plethora ofuseful links for builders, plus a grab bag of spiffy tools,including a free banner-ad generator and a free small-businesse-commerce tutorial that's delivered by e-mail.