The problem is the following: a client of mine has a shop (an OsCommerce installation). However, the shop is hit by repeated attempts at fraudulent transactions, i.e. fraudulent credit card numbers. The only loss is the time to filter out these numbers & ban the account. Apparently, it is one user in particular who is using anonymizer to cloak his real IP - hence IP-banning or IP-range banning is ineffective.
I've suggested implementing CAPTCHA - email-verification (i.e. send out to user) is already in place. However, CAPTCHA only closes the door to machines, not humans.
The only other solution I can think off of the top of my head is implementing 3D-secure, however that has the downside of adding another layer of complexity to the shopping experience and turns away real customers.
Are there other, better solutions to this problem?
Block individuals (human) from shopping
Moderator: General Moderators
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
I am a little confused about these "fraudulent credit card numbers"? Do you first check that the number is in the form of a valid number? And then you to check that the card is valid by using a payment processor, either during the actual checkout or sometime later before shipping? I am not sure how the fraud is occurring?
(#10850)
Stolen credit card numbers. Valid information, invalid user.arborint wrote:I am a little confused about these "fraudulent credit card numbers"? Do you first check that the number is in the form of a valid number? And then you to check that the card is valid by using a payment processor, either during the actual checkout or sometime later before shipping? I am not sure how the fraud is occurring?
As for a solution: http://www.maxmind.com/
Learn it.
Love it.
Use it.
Either that or one of those credit card number generators. Excellent link, thanks Jasonjason wrote:Stolen credit card numbers. Valid information, invalid user.arborint wrote:I am a little confused about these "fraudulent credit card numbers"? Do you first check that the number is in the form of a valid number? And then you to check that the card is valid by using a payment processor, either during the actual checkout or sometime later before shipping? I am not sure how the fraud is occurring?
As for a solution: http://www.maxmind.com/
Learn it.
Love it.
Use it.
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US
It's not fraudulent transactions, it's simply that someone signs up with some email, tries different fraudulent credit cards - no transaction is made - so no actual harm done. The problem is, the way my client's organisation is run, these fraudulent ones have to be filtered out by the person in the department responsible - a far cry from efficient, but they've come a long way...
- Christopher
- Site Administrator
- Posts: 13596
- Joined: Wed Aug 25, 2004 7:54 pm
- Location: New York, NY, US