Strange fraudulent orders that pass Auth.net validation


    We've received a handful of fraud orders over the past few weeks that passed Auth.net validation. We know they're fraudulent because the items ordered are personalized with text, and the text is just gibberish. In some cases they put in dates for their personalized text and the dates are from 2013 or sooner.

    It looks to us like someone with a stolen card, AND stolen billing address info for the card, is placing orders on our site simply to see if it gets through. We tried contacting the "customer" using the phone number and email address, but the phone numbers are frequently businesses that have never heard of the person we ask for, and the email addresses never respond.

    It's very difficult (maybe impossible?) to stop these from happening. Has anyone else had a similar issue and found a way to stop it?

    The only reason we know these are fraud orders is because of the text - if the person placing the order purchased an item with no text, we'd have no idea and we'd ship the merchandise.
    Looking for work as of March 2024! I've been a web developer for going on 20 years, with most of that time spent on Miva sites.

    #2
    Re: Strange fraudulent orders that pass Auth.net validation

    Contact the banks that issue the cards and let them know that those numbers are compromised, and place a note on your check out page that lets the thieves know that you are killing the cards by reporting them to the banks.

    This is what I had to do when this happened to me.

    VISA and MASTERCARD will not do anything - they make money off of this type of fraud.


    There is a chart that will let you know who the issuing bank is somewhere on the net, but I have lost my link.
    Last edited by Paul299; 09-28-14, 07:52 PM.



      #3
      Re: Strange fraudulent orders that pass Auth.net validation

      I agree with reporting cards to banks, though don't hold your breath about responses...however, I DO NOT agree with putting any such message on your site (other than standard "Security Verified" seals).

      1) 99% of these attempts are done via an automated script and they don't care.
      2) No need to make your site a joke site for thieves (they would just laugh at that statement)
      3) It looks negative to all your "good" customers.

      This holds true for the "We monitor and track IP addresses" messages I see from time to time.
      Bruce Golub
      Phosphor Media - "Your Success is our Business"

      Improve Your Customer Service | Get MORE Customers | Edit CSS/Javascript/HTML Easily | Make Your Site Faster | Get Indexed by Google | Free Modules | Follow Us on Facebook
      phosphormedia.com



        #4
        Re: Strange fraudulent orders that pass Auth.net validation

        We stopped 90% of this by using http://www.mivacentral.com/page/m/PR...W-WP_ANTIFRAUD. Simply set the "Risk Threshold For Order Decline" to what's suitable for you and anything higher than that won't process. This is our first line of defense that I personally wouldn't run my businesses without.
        Last edited by Datagg; 09-29-14, 10:56 AM.
        Dan

        Girlfriends Lingerie - "Keeping It Sexy!"
        Sexy Lingerie - Twitter - Facebook- Pinterest - YouTube



          #5
          Re: Strange fraudulent orders that pass Auth.net validation

          Dan, we're at a loss as far as how this can be stopped though. From what we can tell, it's a valid credit card and a valid billing address. It was stolen from the customer, and the customer probably isn't aware and hasn't reported it stolen yet.

          I don't think it's likely that it's automated because the items are personalized, and there have only been about 5 orders total over the past month or so. We've seen the automated stuff before and it's usually dozens of attempts per minute, using non-personalized items. In these cases our system automatically declines them after the first few fails, so it's not a problem.

          We purposely don't store the entire credit card number (either on our miva system or in auth.net) so we have no way of knowing the issuing bank. Unless auth.net makes that available to us somehow?
          Looking for work as of March 2024! I've been a web developer for going on 20 years, with most of that time spent on Miva sites.



            #6
            Re: Strange fraudulent orders that pass Auth.net validation

            The reason MaxMind can stop it is due to IP location and comparing it to the card holder and address. So the only way it would get through is if they're placing the order from an IP near the actual billing address.
            Thanks,

            Rick Wilson
            CEO
            Miva, Inc.
            [email protected]
            https://www.miva.com



              #7
              Re: Strange fraudulent orders that pass Auth.net validation

              That's a good point, I didn't think of that! Thanks Rick, and Dan for the suggestion.
              Looking for work as of March 2024! I've been a web developer for going on 20 years, with most of that time spent on Miva sites.



                #8
                Re: Strange fraudulent orders that pass Auth.net validation

                Having just gone down a most frustrating week of trying to stop a card testing bot, I thought that MaxMind would be helpful. I played around with using the same info that the bot had used: a gobbledegook name and address, and a state that didn't match the zip code. It saw my IP address, which I thought should have been recognized as a flag since it wasn't near the address location. I had to tighten the sensitivity all the way down to 5% to get it to reject my combination. Something else that should be noted: the module will stop a "decline" from going to the OPAY screen, which is great.

                So Rick suggested the Checkout reCAPTCHA, which will have to remain on instead of in velocity mode because First Data's basic service doesn't have any sort of AVS matching, nor does it see the Miva order number (as unique) but relies on its own number. Since I had some concerns about having this on full time, I've made sure to include a message directing customers to call if having any problem placing an order. Since I haven't heard from the store owner today, hopefully things have finally calmed down for them.

                Leslie
                Leslie Kirk
                Miva Certified Developer
                Miva Merchant Specialist since 1997
                Previously of Webs Your Way
                (aka Leslie Nord leslienord)

                Email me: [email protected]
                www.lesliekirk.com

                Follow me: Twitter | Facebook | FourSquare | Pinterest | Flickr
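
Added example, not part of any post in this thread and not MaxMind's or Miva's code: a minimal order screen combining three signals the replies mention (IP location versus billing address, state/ZIP mismatch, and repeated declines from one source). The thresholds, field names, ZIP-prefix table, coordinates and sample orders are all constructed assumptions.

```python
import math
from collections import defaultdict, deque

# Constructed sample data: tiny ZIP-prefix table and approximate city coordinates.
ZIP3_STATE = {"100": "NY", "606": "IL", "902": "CA"}
NYC, LA = (40.71, -74.01), (34.05, -118.24)
SAMPLE_ORDERS = [
    {"ip": "203.0.113.7", "ip_geo": LA, "billing_geo": NYC, "zip": "10001", "state": "CA"},
    {"ip": "198.51.100.4", "ip_geo": NYC, "billing_geo": NYC, "zip": "10001", "state": "NY"},
]

def km_between(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*a, *b))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))

class OrderScreen:
    """Hypothetical pre-authorization screen; all thresholds are assumptions."""
    def __init__(self, max_km=500, max_declines=3, window_s=600):
        self.max_km, self.max_declines, self.window_s = max_km, max_declines, window_s
        self.declines = defaultdict(deque)  # source IP -> timestamps of gateway declines

    def record_decline(self, ip, ts):
        self.declines[ip].append(ts)

    def reasons(self, order, ts):
        """Return the names of the signals that fire for this order at time ts."""
        out = []
        if km_between(order["ip_geo"], order["billing_geo"]) > self.max_km:
            out.append("ip_far_from_billing")
        expected = ZIP3_STATE.get(order["zip"][:3])  # unknown prefix: no opinion
        if expected is not None and expected != order["state"]:
            out.append("state_zip_mismatch")
        recent = self.declines[order["ip"]]
        while recent and ts - recent[0] > self.window_s:  # expire old declines
            recent.popleft()
        if len(recent) >= self.max_declines:
            out.append("decline_velocity")
        return out

if __name__ == "__main__":
    screen = OrderScreen()
    for o in SAMPLE_ORDERS:
        print(o["ip"], screen.reasons(o, ts=1000))
```

The second sample order trips none of these checks, which is the case described in the first post: a valid card and billing address used from an IP near that address.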
