The ever-evolving world of online shopping and e-commerce is frequently improving ways in which merchants can conveniently accept online payments. But as the industry becomes more technologically advanced, allowing for fast and easy transactions, online fraudsters are finding new ways to slip through the digital cracks and obtain sensitive customer data. One method to be particularly aware of is Credit Card Validation Testing.
What is Credit Card Validation Testing?
Credit Card Validation Testing is a scheme that uses advanced software and tactics (bots and scripts) to test the validity of large batches of stolen credit card numbers and details. This typically occurs with non-secure, e-commerce payment pages. The thieves are looking for an open, non-secure payment page to “test” cards for validity. The cards that get a positive response are later sold on the dark web or into a black-market scenario.
In order to prevent Credit Card Validation Testing, it’s imperative that your website includes a secure payments page with multiple layers of fraud protection.
Here are five security tools to help protect your payment page from fraudulent activity:
1. Address Verification Service (AVS)
AVS compares the billing address provided by the customer with the billing address associated with the cardholder’s credit card account. If the two entries do not match, the bank will flag the transaction and send you are response code detailing the address comparison. From there, you can decide whether or not to approve the transaction based on the bank’s response.
2. Cardholder Verification Value (CVV)
A CVV is the three- or four-digit number on credit cards that verifies whether the customer has a physical copy of the card in their possession. Similar to AVS, the CVV numbers should match the one on file for the card-issuing bank. If there is a discrepancy, the transaction should be rejected.
3. Username and Passwords
Having customers use unique login credentials to make online purchases can also add another layer of protection to your payment page. Be sure to require strong passwords that have a blend of capital letters, small letters, numbers and symbols. Monitoring failed login attempts can also help you take preventive measures to prevent fraudulent activity.
Geolocation is the ability to track the exact location of a computer or networking device using an IP address. Similar to AVS, Geolocation technology compares the billing address (where the merchandise will be sent) to the location of the IP address of the online customer. If it reveals the online shopper is somewhere in China, but their shipment is going to Detroit, MI that could indicate a potentially fraudulent transaction.
5. Email Address Verification
Email Verification is the process of verifying if an email address is valid and improving the odds that it belongs to a real person. The purpose is to ensure that a real person with a valid email address will receive and interact with your email. This is a simple but effective way of weeding out card testing bots that often use disposable email addresses containing suspicious formatting, characters, and domain names.
International Bancard is committed to protecting and educating our clients on fraud prevention. We help make credit card fraud prevention manageable and understandable, so you can focus on selling your product.
Contact a certified payment professional at International Bancard to learn more about fraud protection and keeping your business safe.