When One Chargeback Can Bankrupt a Merchant

With an improving economy and a greater selection to purchase online, the number of high end merchants on the web are swelling. Consumers can now choose from a near limitless supply of merchants selling luxury handbags, designer shoes and engagement rings. With holidays such as Mothers Day and Valentines Day accounting for an overwhelming majority of their sales, online jewelry merchants, in particular, have to compete dollar to dollar to fight for every customer who can easily buy online from any store. But in the scramble to attract and retain customers, jewelry merchants may be inadvertently opening the gates to fraudsters looking to blend themselves into the herd of legitimate customers to steal from them.

Many jewelry merchants employ a variety of measures to verify the identity of their customers. Some send over forms that customers must fill out and email back. Some call their customers and ask them a series of questions. Some merchants will only accept payment through PayPal, or use a marketplace like Amazon or Ebay.

Merchants, after receiving back their paperwork or after speaking to the customer on the phone, will often feel comfortable enough to ship out their product and close out the transaction. But 30-60 days later, as the chargebacks come in, merchants find themselves flabbergasted that the person they interacted with and verified still ended up being a fraudster.

Fraudsters are more than happy to speak on the phone or send back forms when dealing with expensive items such as jewelry.  What most merchants lack is a complete profile of the customer that Signifyd can provide.

With Signifyd, merchants are able to completely eliminate the fear of chargebacks. By providing detailed information and history on addresses, IP’s, emails, phone numbers, social media and much more, Signifyd gives merchants a comprehensive analysis of every order. Merchants can quickly decide if they wish to ship or decline an order. Further, merchants can purchase insurance from Signifyd, allowing them to ship to their customers knowing that Signifyd will fully reimburse them for any fraud within 24 hours of a chargeback.

If you are a merchant and you are struggling with fraud or the fear of fraud but have difficulty identifying good orders from bad you are not alone! Contact Signifyd at sales@signifyd.com and we will be happy to give you a demo and answer any questions that you might have.

Signifyd Identified by Core2 Group as Most Recent “Company on the Move”

September 2014 – Core2 Group has identified Signifyd as its most recent “Company on the Move”, highlighting Signifyd’s outstanding execution and growth in the technology sector.

Signifyd has earned this achievement by demonstrating both strong performance to date and also a strong likelihood for future growth based on Core2 Group’s trajectory measurements. Signifyd joins automotive powerhouse Toyota and Silicon Valley based wealth management service, Wealthfront, on the list of companies highlighted by Core2 Group in August.

Core2 Group takes an insightful approach to performance and risk measurement, utilizing Digital Footprint DataTM gleaned from a wide range of web traffic data points combined with more traditional measurements of fiscal and commercial performance to chart industry sentiment and forecast business results. Through this analysis, Core2 Group is able to provide daily predictive insights on business, brand, and economic performance that allow their customers to dramatically outperform industry standard rates of return and return versus volatility.

Core2 Group noted that Signifyd has shown a strong increase in brand awareness since May, with an uptrend in brand momentum in 86 of the past 90 days. Further, Core2 Group’s BPI to BPI.GPS ratio, a measure of trajectory of change, suggests continued strong growth over the next several months.

The best illustration of Core2 Group’s analysis is, of course, the continued success of Signifyd customers. Signifyd is able to consistently deliver outstanding results in the areas of fraud reduction and increased operational efficiency, giving Signifyd customers a substantial advantage over those merchants using other anti-fraud solutions.

Signifyd is proud to be highlighted as a Core2 Group “Company on the Move”.

About Core2 Group
Core2 Group, Inc. is a solutions-based provider of digital activity data from website, email and machine-to-machine traffic. Offering daily predictive insights on business, brand and economic performance for small businesses and public firms, Core2 helps companies monitor and track digital performance for the company, peers and sectors. The foundation of Core2 Group’s solutions is its unique Digital Footprint Data™, a daily global authoritative data source covering 1.3+ million companies and 5000+ brands across 150+ industries and within 200 countries. Core2 currently serves several market verticals, including capital markets, small business credit risk, small business prospecting and performance, global economic insights, private equity and brand momentum. To learn more, visit www.core2group.com or email info@core2group.com.

About Signifyd
At Signifyd, we help e-commerce businesses sell confidently while protecting them from fraud. Access, Automation, and Anonymity make fraud possible at industrial scale, and most businesses simply can’t cope. They don’t have the resources or expertise to fight professional fraudsters — they’ve got a real business to run. And yet, the explosion of Customer Data means the raw materials to fight fraud are more accessible than ever. We simplify fraud prevention with tools and expertise built on our years of experience at PayPal, Fraud Sciences, RSA Security and FedEx. We know how to interpret a user’s digital footprint and bridge the gap between Online and Offline Identity. And we know how to do it without creating friction for legitimate users.

Praxis Information Science – Signifyd Partner of the Month for August 2014

Signifyd is excited to name Praxis Information Science (www.praxisis.com) as the Partner of the Month for August 2014.

Praxis and Signifyd have collaborated on several projects since Praxis joined the Signifyd Partner Program in early 2014, combining Praxis’s extensive Magento development capabilities with Signifyd’s proven eCommerce Identity Intelligence to help customers reduce fraud, accept more orders, and streamline manual investigation processes.

Praxis has a comprehensive suite of web development capabilities, specializing in custom eCommerce site design built on top of Magento’s extensible framework. Praxis can deliver end-to-end eCommerce solutions, integrating a variety of ERP and POS systems into its sites, allowing for seamless fulfillment of orders from all channels. Praxis works with its customers to optimize the eCommerce environment, reducing load times, managing traffic spikes, and creating robust plans for long-term growth.

Signifyd brings strong analytics and machine learning capabilities to Praxis, giving Praxis customers the tools necessary for the early identification of fraudulent behavior. This helps eliminate chargebacks as well as increase acceptance of orders that were previously declined or challenged due to overly restrictive security policies. Further, Signifyd eCommerce solutions can be deployed alongside other fraud tools to aid in the manual review process that has proven to be so costly and time consuming for many merchants.

Join us in welcoming Praxis Information Science to the Signifyd family, and congratulate them on being named the Signifyd’s Partner of the Month for August!


About Praxis Information Science
Based in Austin, Texas, Praxis specializes in building wonderful, robust shopping experiences atop the industry-leading Magento eCommerce platform. We consult with scrappy startups and Fortune 50 brands, because the next great idea might happen on the top floor or in the garage. Need help standing out, getting bigger or simply redefining what’s awesome? We can do that.

About Signifyd
At Signifyd, we help e-commerce businesses sell confidently while protecting them from fraud. Access, Automation, and Anonymity make fraud possible at industrial scale, and most businesses simply can’t cope. They don’t have the resources or expertise to fight professional fraudsters — they’ve got a real business to run. And yet, the explosion of Customer Data means the raw materials to fight fraud are more accessible than ever. We simplify fraud prevention with tools and expertise built on our years of experience at PayPal, Fraud Sciences and FedEx. We know how to interpret a user’s digital footprint and bridge the gap between Online and Offline Identity. And we know how to do it without creating friction for legitimate users.


Signifyd Adds Redstage Networks as New Strategic Partner

Signifyd is proud to announce a strategic partnership with Redstage Networks (www.redstage.com) as part of our Signifyd Partner Program.

This agreement brings together Redstage’s extensive web development expertise with Signifyd’s industry leading anti-fraud and business enablement solutions to help eCommerce merchants sell more products and services without the fear of fraud.

Redstage, a Magento Gold Solutions Partner, is best known for its portfolio of over 300 Magento sites, though its capabilities go much deeper than that.  As a full service web design and marketing firm, Redstage was able to help its customers increase conversions of web site visitors to eCommerce customers by 45.6% in 2013.  Redstage is one of the most advanced and experienced agencies in the industry, and its expertise compliment the Signifyd solution set perfectly.

Signifyd will offer its full line of eCommerce fraud and business enablement tools to Redstage customers, leveraging both Redstage’s and Signifyd’s strong base in the Magento community as a foundation point.  Signifyd’s proven analytics and machine learning tools give its customers deep visibility into customer identity, allowing Signifyd customers to reduce fraud, increase the number of orders accepted, and more efficiently manage manual review processes in their businesses.

Signifyd is happy to have Redstage Networks as the newest member of the Signifyd Partner Program.


About Redstage
We create solutions with high sales conversion through elegant technology while promoting brand experience. Our unmatched industry expertise coupled with the Magento ecommerce technology produces more sales from your digital channel. We’re a firm that’s run by accomplished business and marketing professionals and backed by a team of creative and computer science gurus. We’re truly enthusiastic about what we accomplish every day, and we enjoy working with clients that demand excellence and are equally passionate about their business.

About Signifyd
At Signifyd, we help e-commerce businesses sell confidently while protecting them from fraud. Access, Automation, and Anonymity make fraud possible at industrial scale, and most businesses simply can’t cope. They don’t have the resources or expertise to fight professional fraudsters — they’ve got a real business to run. And yet, the explosion of Customer Data means the raw materials to fight fraud are more accessible than ever. We simplify fraud prevention with tools and expertise built on our years of experience at PayPal, Fraud Sciences and FedEx. We know how to interpret a user’s digital footprint and bridge the gap between Online and Offline Identity. And we know how to do it without creating friction for legitimate users.

Signifyd Featured as Redstage’s Partner of the Month


Today, we’re excited to announce that our newest partner, Redstage, featured Signifyd in their blog as part of their ‘Partner of the Month’ series. You can read the full post on Redstage’s blog. Stay tuned for when we reciprocate and feature Redstage in our blog shortly.

Interested in becoming a Signifyd Partner? 

Our Partner Program is a network of the top hosting providers, eCommerce solution providers and third party software providers. The program provides quality benefits and services that expand and enhance the functionality of our fraud prevention and chargeback protection platform. For partnership opportunities and more information on how to become a partner, please visit our partners page.

Help! I just got a chargeback!!

When setting up an online store, it can be an exciting time. You are building your website, uploading images of your items for sale and building out a loyal customer base that will help you increase sales as you lift your brand from nothing to a recognized symbol. Like many customers who have reached out to Signifyd, chargebacks and fraud was never even on their radar, until they got one.

Signifyd often receives phone calls that follow a format similar to this, “Hi, this is Joe from ABC company and I need help right away. I just got an email from my bank telling me that they are reversing the funds on this really expensive order and I don’t know what to do. The guy sounded legit, I looked him up but now he is saying he didn’t place that order but I already shipped the product. I need to prove that he placed the order!!”

Such frantic phone calls are often heartbreaking because more often than not the merchant who called in is ultimately going to lose out on both their cash and their product. Banks frequently side with the cardholders, and re-reversing funds is very difficult. Many merchants don’t take into account that fraudsters will answer the phone and talk to them, or that a fraudster will manipulate his IP address to give the appearance of living at the cardholders residence. Even worse are legitimate cardholders with a history of buyers remorse or are purposely seeking to steal online through the chargeback process.

So when merchants first start selling online and they see an odd order, it’s not unusual to them that if they should be able to get a hold of the customer that they should be able to ‘sort things out’. It is only after they realize that they have been duped do they become fully aware of the risks of selling online. But selling online is the future, and is on pace to replace retail shopping. So learning about chargebacks is very important for merchants looking to avoid them.

To learn fully about chargebacks, check out a previous post that Signifyd wrote up that helps define what is a chargeback. In todays post though, lets get the facts on the table. The fact is, if you have a chargeback there is very little you can do about it. The key is learning how to avoid them, and there is a tool on merchants side. Everyone online leaves a digital footprint. From the devices they use, the social networks they log into or the emails and phone numbers they register online. From the moment they create any kind of a presence, it has a history and that history can be either good or bad but it is never neutral. And that history can be tracked and is by companies like Signifyd.

Currently only about 5% of all shopping is done online, and yet that number poised to explode in the coming years. With that expansion is going to come all sorts of histories that internet users are going to leave behind. Every email, every IP address, ever card used is going to have a history of good transactions or of fraudulent ones. The key is to find and utilize that data in the fight against chargebacks.

Don’t fight chargebacks, avoid them.

Signifyd has an enormous database of knowledge, and plugs into other database providers to fill in the gaps that we currently don’t have to provide a global user database of internet history. Every time a shopper makes a purchase from one of our merchants, we can tell that merchant if the IP, phone number, device, card, email, and address or social media account is a good account or if it has fraud or chargebacks in its past.

Research shows that in the war against online thefts, the trend is going away from one off users making bad purchases online and is going towards cyber gangs who steal online. Therefore, if a Russian gang for example steals an American’s credit card and places a delivery address that Signifyd has registered as a bad address known for fraudulent orders or is associated with chargebacks, Signifyd can alert the merchant and advise them to cancel the order.

Tracking all of these histories by themselves would be an arduous task for any one merchant to tackle by themselves, but with Signifyd merchants get unprecedented analysis into their customers and who is most likely a good customer and who will likely place a chargeback.

So if you are a small but fast growing merchant who has just been hit by a chargeback, we offer our condolences. It’s a brutal growing pain, and likely won’t be the last chargeback you ever go through. But the collective power of the Internet is a tool that’s on your side through Signifyd, and together we can stop those who would seek to steal from you.

If you are a merchant who is suffering from chargebacks, consider signing up for a 2 week free trial with Signifyd and witness for yourself what professional fraud prevention services can do for you company and bottom line. Reach us at sales@signifyd.com

E-Commerce grew 16.9% in 2013 and here is what you need to do about it

16.9 percent. As you read through this article, keep that number in mind. 16.9 percent. That is the percentage growth of ecommerce sales that 2013 had over 2012. It might be hard to imagine that ecommerce could have that high of a growth rate when seemingly there are endless amounts of websites already selling on the web and online giants such as Amazon have the appearance of dominating online sales. But ecommerce according to the US Census Bureau is poised for unprecedented growth. According to a report that was released on February 18th, ecommerce had $263.3 Billion dollars in sales in 2013. That number though amounts to a measly 5.8% of total sales in America.

ecommerce growth 2013

As we can see, the pace of ecommerce growth is growing at a faster rate year over year. Just in the news today was the announcement that yet another large brick and mortar company, Radio Shack, was closing 20% of its stores as it lost too many sales to online stores. For merchants who already have online stores and for entrepreneurs looking to jumpstart a new store online, this is the perfect time to start.  As a new generation of shoppers looks to buy, consumers who were handed a tablet and a smartphone before they were given car keys will naturally look to purchase online before heading out to the mall.

Every year Cyber Source releases a fantastic report that is more or less a ‘state of the union’ on the current state of ecommerce. Cybersource, a property of Visa, highlights the security measures that merchants must take to protect themselves as they sell online. In its latest report, Cyber Source estimated $3.5 Billion was lost to fraudulent activity and chargebacks online. To put that number truly into perspective, consider this. In 2013 retail stores had final sales of $5.085 TRILLION dollars, and if they had equal losses it would come to $67,630,500,000.

Clearly, online retailers can do and must do more to ensure that as ecommerce begins its stratospheric growth that fraudsters and crooks who traditionally stole from retail stores don’t bump that percentage higher once they switch to online stores. The question then is how do merchants who are just starting a store online know how to protect themselves properly from the faceless masses on the internet?

Well luckily for online merchants, as ecommerce has grown so has new fraud prevention solutions. Companies such as Signifyd, who gather hundreds of data points on shoppers from sources such as social media, previous shopping history from other merchants and offline checks such IP location and device fingerprinting, can provide instant analysis as to who would be a trusted buyer online and who are bad shoppers likely to steal or initiate a chargeback.

Data breaches at companies such as Niemen Marcus and Target have given cyber crooks countless cards to steal with. As we can see from the Census Bureau statistically those cards will be used against retail stores, but as we enter this exciting time of ecommerce growth lets collectively make sure that we protect ourselves with the proper tools like Signifyd before those crooks use most of those cards against internet retailers.

14 reasons every online store needs to get fraud protection

Companies that sell on the internet are on the hook for any stolen credit cards they accept. This means that unless they want to lose a lot of cash to people who stole credit cards, almost every company has at least one individual checking their customers orders before they ship. But for many web based companies, ‘validating their orders’ tends to mean one or two people who are given minimal resources and tasked with the enormous goal of approving all the ‘good customers’ and cancelling all the ‘bad orders’. Here is 14 quick points on why online stores need to get serious about protecting themselves from fraud lest they drive their fraud prevention staff insane.

  1. Your online store has started to process bad credit cards, and no one has a gameplan on what to do.
tumblr_mmyrbiLIyA1rfzzkxo1_500 I don't know what to do

2. Your quick solution is to look up your customers on the web, which turned out to be a big task.

anigif_enhanced-buzz-18034-1381104650-21 Will Ferrel

3. Your company spends hours on Google, and yet you can’t ever find your customers.

anigif_enhanced-buzz-19423-1374638406-9 yeah, you failed

4. You were already an indecisive person before having to decide what orders are good and what orders are bad, and now every decision is a fight against analysis paralysis. 

anigif_enhanced-buzz-15242-1374670158-37 Aladin

5. Your decisions are almost entirely based on gut feelings, and you want/need the data to back up your instincts.

anigif_enhanced-buzz-24198-1382405513-11 Anchorman

   6. When Google and Facebook aren’t enough, you have to call your customers.

anigif_enhanced-buzz-4529-1380929532-10 parks and rec 2

    7. But calling customers is a pain for you and an annoyance for them.

anigif_enhanced-buzz-4202-1380929257-4 Anne from parks and rec

     8. And you have so many customers!

   spn-0-dustily we got work to do

     9. And your company recently started taking international orders, so you can only pray that your customers from Japan and Vietnam somehow speak English.

speak english

                                                 You suddenly discover how much you love Google translate

    10. You have to double check your customers address by where they made their purchase, and are suddenly introduced to the complicated world of IP’s. (Internet Protocols)

spying catWe swear we aren’t spying!

    11. Except that people can hide their true location online, and your sociology degree from college didn’t train you in how to detect fake IP’s.

dog at computer

    12. You find yourself dumbfounded by the email aliases people use, and find new found respect for customers who have simple first name, last name email addresses. 

74124-nathan-fillion-judging-you-gif-4v9D judging you

13. You also learn that the numbers on a credit card are not random, but are part of what is called the Bank Identification Number which helps track the card by country and bank issuer. 

that is brand new information

14. But now your boss is wondering why it’s taking you 15 minutes to look up all this information for each customer and talk to said customer, if you can even find them. 

overwhelmed girl

15. Which is why fraud prevention companies like Signifyd exist to make your life 1,000 times easier.

Yes_ye_syes yes!

Who’s really at risk in Target’s credit card breach


In the wake of Target’s disclosure that upwards of 40 million cards were compromised, a tsunami of public outrage and public opinions have been raised in discussions about how this happened and what Target should have done to stop it.

According to the Wall Street Journal. Target has already reported that sales are down as shoppers stay away out of fear. Consumers are still cautious about Target, and they are afraid of making purchases there. But should they be?

Are consumers liable?

On Christmas Eve, Visa took out a full page ad in the Wall Street Journal advertising their Zero Liability policy. A quick check on Visa’s policy advertises three steps. 1. Shop worry-free. 2. Report Suspicious Charges. 3. Get quick resolution and provisional credit. A similar check on Mastercard’s website spells out a similar policy. They in fact also call it the zero-liability policy.

Visa and Mastercard absolutely dominate the credit and debit card market in the U.S. with a combined total of roughly 85% market share. What this means for affected Target shoppers is that for any cards that have been stolen and fraudulently used they will have effectively zero financial liability for bad purchases.

So if the card holder isn’t liable, then who is? The answer often depends on where the criminals use the cards.

Online versus physical stores matter in fraud

For companies with a physical retail location, as long as they followed standard card issuer procedure by asking for ID and collecting a signature during checkout, then most of the time the card issuer will absorb the costs. For online companies though any orders purchased with stolen data will be charged against the online store.

For online companies, this means that for the time being they have to operate under the premise that there are an additional 40 million bad cards circulating in the US market, and that any one of them could be used against them and cost their business if they don’t stop the transaction.

Now for some perspective, according to a recent joint study by the US Census Bureau and Experian among others, there are roughly 1.5 billion active credit cards in circulation in the U.S. This equals out to about 5 cards for every U.S. citizen. This is a double edged sword for online merchants. The good news is that there are a significant amount of legitimate cards ready to make purchases, and credit cards are still the easiest way for online merchants to accept payment. The bad news is that with so many cards in circulation, online merchants have a plethora of potentially bad transactions coming their way.  The real card holder may not even be aware their card is being used fraudulently if it is not their primary credit or debit card.

So who is most liable? 

So who’s really at risk because of Target’s data breach? It’s not the hackers who stole the data. These stealthy online criminals almost never use their stolen information, instead using online market places to sell off the card numbers to less technical criminals who then use them to make purchases or drain accounts. It also generally is not merchants with physical locations, because criminals realize that their stolen data has a time limit before the real card holder cancels the account and shopping in person takes time and risk. Target and web based merchants are the real victims. In fee’s alone it is estimated that Target will have to pay the card issuers $3.6 billion for exposing consumer data. But it is the online merchants who are primarily at risk, and they are liable for every stolen Target card that they process.

For months or even years now, these web based business will have to take a little extra care to validate each order from their purchases to ensure that they don’t process a transaction from a stolen card until all the stolen Target cards are cancelled or out of circulation. That is until the next breach.

The internet retailer’s fraud prevention guide

Online shopping has spiked in the last 5 years, crossing the trillion dollar threshold in 2012. Embracing the consumer preference for internet shopping, many new businesses are only available through the web. Yet a surprisingly low number of new merchants are taking measures to protect themselves from internet fraud. While many online business owners are convinced that any fraud activity on a card is largely the domain of banks and credit card issuers, internet retailers are simply unaware that in the world of ‘card not present’ (internet purchases), they are liable for bad purchases run through their stores.

For many people, the word ‘fraud’ can seem complex and overwhelming. ‘What is fraud?’ ‘How does fraud work?’ These are common questions that are actually very simple to answer. If an individual had cash stolen from their wallet, and that cash was then used in a purchase by the thief, that crime would be described as theft. The money doesn’t belong to the thief, it belongs to our victim. In fraud, this crime works exactly the same way. Only this time the thief takes the credit/debit card instead of the cash. The law states that only legal cardholders can use cards issued to them. When a thief steals a card and uses it, the thief is pretending to be that legal cardholder and racks up charges in their name. Every charge the thief makes with the stolen credit card is considered a fraudulent (bad) transaction.

If all merchants had to worry about was physical credit cards being stolen, then this wouldn’t be much of an issue. But with data breaches becoming increasing common, the financial information of tens of millions of consumers are now in the hands of cyber cartels looking to use their newly acquired information as quickly as possible. With the ability to purchase almost anything online, criminal are increasingly using their stolen data for online purchases instead of placing the stolen information on fraudulent cards to make “card present” transactions in retail stores.

With all of this fraudulent information floating around in cyberspace, it can be difficult to know what the best course of action is. Accepting credit cards is a sure fire way to expose a business to theft, but clamping down on card transactions will place a financial chokehold on a business that most likely would be fatal.

The key for businesses is to understand what they are liable for. When a business decides to accept payment from a card issuer or bank, they are accepting the terms and conditions passed down by them. What that entails is also accepting the established industry standards that are almost entirely uniform in the industry. Card issuers and banks have no ability to track if a card (or card data) has been obtained by unauthorized persons. The only way to know that an issue has arisen is when the card/card data is used in a purchase. Because a merchant has the greatest ability to stop a criminal in their tracks, card issues and banks place the financial liability on merchants for any fraudulent orders that they process.

To dig deeper into the issue, merchants need to understand the technical lingo that is written into merchant contracts. Many merchants take the assumption that if a transaction is authorized then it is a legitimate transaction. That is not the case. When a card processor runs a card and authorizes, it is simply verifying that the funds are available, the card is not reported as stolen or declined and the consumer’s credit limit has not been hit. An authorization is not running a report as to likelihood of the card being stolen or not, or if it is a risky transaction or good order. Once a merchants accepts funds, the liability now fully rests on them.

E-Commerce fraud is exploding for multiple reasons, but one simple yet major reason that it is exploding so fast is that many individuals simply do not check their credit card statements every day. While there are always going to be that subset of vigilant consumers who set mobile alerts for any purchases and check their cards daily, many consumers wait for their statement to be released before they look over their purchases. By then many weeks or months could have passed before they recognize the unauthorized transactions used on their cards.

Banks and card issuers do their best to look for irregular card activity by calling their customers to verify transactions they might have made. If someone goes on a road trip and suddenly makes multiple purchases in another state, a card is frequently frozen and the cardholder is typically contacted to verify if they did indeed make those purchases. But card issuers can only look for irregularities in a card holders account, and pending any drastic activity changes are powerless to know if a card is being used in a legal or illegal manner.

All merchants are accountable for and suffer chargebacks

To help account for this, and also to help deal with bad businesses, most card issuers offer card holders a 3 to 6 month chargeback grace period. For those not in the know, chargebacks are every merchant’s worst nightmare. Chargebacks occur when a cardholder contacts the card issuer to request a refund from a merchant. This would occur because the customer would somehow be unable to obtain a refund from the merchant or that the merchant is refusing to offer a refund to the customer. To read more about chargebacks and how to stop them read our series on chargebacks. Once a chargeback is initiated by the cardholder, the card issuer will deduct the funds from the merchants account and debit it to the card holders account.

The merchant can fight this process by providing evidence to the card issuer that the customer did in fact make a purchase, received the product intact, and is in the wrong. But in the case of a fraudulent purchase that causes the real card holder to initiate a chargeback against the merchant, ignorance of the card’s misuse by the merchant won’t stop the funds from being forcibly deducted. Many card issuers will hold a portion of the funds generated by sales through their cards in a reserve account that is held explicitly for the purpose of reimbursing card holders from bad transactions. The card issuers themselves cannot risk the liability that their merchants could run up thousands of bad orders and then not be able to pay the cardholders back. This reserve account is created because the credit card companies and banks only have a limited amount of money available to repay their customers at any given time from their own accounts. So by establishing a safety net between themselves and the merchant, they help prevent a shock withdrawal from the merchants account in the case of a large chargeback while guaranteeing that the card issuer can repay the card holder instantly.

To add insult to injury, merchants who have multiple chargebacks against them risk ever compounding fee’s as well as being placed on a chargeback monitoring program. If merchants are unable to bring the chargeback rate down, they risk be blacklisted by the card issuer either temporarily or permanently, which can drastically cut revenues for that business.

So what is a retailer to do?

No matter what the purchase, or the volume of transactions that merchant may be accepting at any given month, all transactions paid for by credit card need to be vetted.

But verifying transactions can be difficult as tying an online identity to an offline real person can take a significant amount of research. But there are common steps that all merchants can take that will significantly reduce the probability that they will process a fraudulent order or accept business from someone who serially conducts chargebacks.

1.       Always, always, always collect and examine CVV2 and AVS and examine them closely

CVV2 is the 3 digit code on the back of a credit card that is separate from the 16 digit number sequence on the front. The code is a secondary backup to ensure that the card is actually in the hands of the cardholder and is never stored on file in a transaction history unlike a credit card number.


AVS stands for Address Verification System. When entering in a billing address, all merchants need to ensure that the billing address entered into the checkout matches that of the address tied to the card. If a customer repeatedly fails AVS, that is a staggering red flag. There is no reason that a real customer would be unable to identify what the billing address is for the card unless the card was being used illegally.

2.       Ensuring that billing and shipping match are critical.

Billing and shipping always go together, and if they don’t it is normally an issue. Merchants always need to carefully examine why a customer would not ship to their billing address. Are they shipping to family? Are they shipping to friends? What connection does the purchaser have to the recipient? Many merchants will cancel orders that have a billing/shipping mismatch, while others have a large amount of research that goes into verifying if the customer is the true card holder. In an instance of a billing/shipping mismatch, a merchant always wants to ensure that during the checkout the customer didn’t fail the AVS or CVV2. Additionally, it is recommended to merchants that they call the customer to verify the recipient of the delivery.

3.       Always get a signature for delivery

When purchasing online, often times the simplest fraud ideas are the most effective. And nothing is simpler than claiming that you never received your package. For any kind of high value order, ensure that the customer who made the purchase is the one who signs for delivery. By getting a signature, you ensure that the customer can’t later force a chargeback against you and you ensure that fraud isn’t later claimed. A major source of fraud for merchants is reshipping fraud, where a fraudster will purchase a product on the web and have it shipped to a middleman who then mails the product to him. Requiring a signature from the cardholder stops reshipping fraud in its tracks as a fraudster would have no ability to get the real cardholders signature nor would any middleman be able to accurately forge a signature.

4.       Always check IP

Internet Protocol, the location of the computer the customer is using, is normally a dead giveaway to the truthfulness of the transaction. Is your customers billing and shipping in Indiana, but the IP is from Egypt? Well, that’s probably a fraudulent transaction. While the IP address can fluctuate a few miles from the address of the customer, it should never be in excess of 50 miles. Any IP address that is far from the address of the customer indicates either three things. 1. The customer is away on business. 2. The customer is on vacation. 3. This is a bad transaction. Many fraudsters attempt to mask their IP location by going through regional proxy servers, but these are easily detected and are simply another indicator of an online criminal.

5.       A customer with a bad user name or email is almost always a bad customer

According to surveys over the last couple of years, the vast majority of customers will reuse the same username for most websites, and only maintain 2-3 email addresses at any given time. What this means for merchants is that if you encounter an email that doesn’t contain the name of the customer, red flags should immediately be raised. If an individual consequently gives you a user name that is full of strange characters or numbers that is normally an indication that this customer doesn’t intend to be a returning purchaser. Many merchants require that a customer verify their profile by clicking on a link sent to the customers email address to verify if this indeed is a human and not a bot. If the email address entered in the creation of the profile is different than the email address stored on file by the card holder that additionally is an indicator that something suspicious is going on in the order.

6.       Be on the lookout for multiple purchase attempts, and protect your store against attacks

Fraudsters rarely have a complete data set on the individual of whom they are impersonating when making purchases online. They may be able to fill in the card number, name and address but fail the CVV2. They might have stolen the wrong email address, or they could be trying to make a purchase from the other side of the globe. If there are instances of multiple attempts, with repeated failures in a critical field a merchant will want to permanently decline that customer and every data point associated with the transactions.

7.    Check the shipping address

If your customer is shipping to a Fedex store, or to a park P.O. box, that might be a red flag that they are trying to hide their location. If the location is a known drop ship address, or has a history of fraud associated with it, why take the risk of shipping to that address?. Using address verificaction services such as Whitepages.com to run the address is a crucial step in every transaction to ensure that a customer who claims the address is their own is not in fact using an illegitimate address to avoid detection while running bad transactions.

Fraud prevention takes time!

Criminals are drawn to online companies like gravity, the larger the business the stronger the pull. Fraud prevention is a difficult, time consuming process that only grows more and more important as a company increases its sales. With liability solely on the internet retailers, Signifyd finds that the vast majority of merchants take a cautious approach and tend to decline any suspicious orders as well as declining most international orders. Without having a data verification service to tell merchants if a customer is using a proxy to mask his IP or to verify his address, merchants can be at a loss to confidently decline or accept an order.

Signifyd provides the tools merchants need to quickly verify their orders. 

Looking up 5 orders a day might not be an issue for company, but if your company finds itself suddenly needing to review 75, 100, 200+ orders a day it can quickly become an overwhelming and all day long task. And without a uniform way of doing each search a company can find it is simply approving or declining orders ” based on their gut”. Signifyd provides companies a way to quickly ensure that they don’t rack up huge losses by accepting payment from multiple stolen credit cards or get hit by numerous chargebacks. Signifyd runs reverse IP lookups to detect proxies, verifies a customers address, checks bin to verify the cards origin, looks through social media to double check a customer’s true identity, and gives merchants a customer’s shopping history to highlight any possible fraud or chargebacks that can be associated with them. Signifyd scores transactions at an average of 200 milliseconds and works with merchants from the largest on the web to merchants who have just set up shop. If you run a business and are concerned about chargebacks and fraud and want to learn more please reach out to us at sales@signifyd.com to learn more!