I know what it looks like. I never update this blog. But that’s not actually the case. I have written nearly a hundred blog posts for Cam on Commerce, but have kept them nearly all private. Why? Some are personal, some contain proprietary information and many are simply uninspired rants. And this post may be an uninspired rant… but I am so mad about credit card chargebacks that I just wanted to do something.
Here are work we have what I would consider fairly advanced fraud detection techniques and tools. We actually catch most fraud and we’re able to do that because there is some indication that fraud is occurring. But recently we have been hit by a string of more advanced fraud with no signs of anything amiss.
In the world of ecommerce we rely on AVS (address verification system) codes to determine if the purchase is authorized. Legitimate orders will have the correct address, zip code and CVV numbers submitted to us. When we authorize the card the AVS response (from the credit processor) will show something like “YYY” (yes, yes, yes) indicating the shipping information provided matches the info that the credit card company has on file. We then ship the order with a signature required.
If the customer later says, “I didn’t order that” and initiates a chargeback (a process where the purchase is disputed and the credit card company returns the customer’s money) we have the ability to “fight” the chargeback. We can show that we shipped the order to the confirmed billing address and that the customer signed for the package. When we have this evidence the chargeback is reversed and the money is returned to us. This has always worked well for us until now.
Lately it seems that people with stolen credit cards are changing the confirmed billing address (the crook can simply call the card issuer and add another “authorized” billing address). Then they submit the order to us and, since it looks 100% legitimate, we ship it out. When the credit card chargeback comes we try and fight it. Initially we will win but then customer tells the credit card company that the card was stolen, the billing address modified and reiterates that they didn’t make the purchase. The credit card company takes the money from us again and says our only option is arbitration.
Don’t attempt any arbitration! You will lose (we found this out the hard way). Arbitration will always rule in favor of the credit card company (who butters their bread?) and then to ad insult to injury they charge you – the merchant – a $500 fee for arbitration costs. WTF?
Are you with me here? We get a 100% legitimate looking order. We ship to to the confirmed billing address (w/ a signature required). If it happens to be fraud it is us – the merchant – who pays the price for doing everything correctly. The customer gets their money back. The credit card company charges us a “chargeback fee” (usually $15-$25). The thief gets their loot as well. We, as the merchant, have no recourse whatsoever and we have lost our inventory, our time and any profit we might have made on the item. Where is the justice in this? Where is credit card company’s accountability?
We have lost thousands of dollars a month this way and I don’t see any solution for the problem (short of paying for a service that guarantees payment with matching AVS codes). I believe the credit card company should absorb costs of fraudulent transactions of this kind. If they let a crook call up and change the card’s billing address then I certainly feel they – not me – are responsible for this fraud.
Posted by Cam, May 23, 2010