Introduction
In this tutorial, we would like to share with merchants some common techniques to pinpoint red flags of credit card fraud. Our goal is to cut down all frauds and chargebacks.
John is an online merchant selling watches. Below is one of his typical orders. Everything looks fine to him but we would like to highlight some important information to help him make an informed decision.
[Login to see the link]
IP Address
The IP address is from an anonymous web proxy service. It allows the user to hide their actual IP address but still perform an order submission. In this case, the actual user IP address is unknown and we only know the proxy server’s IP address.
If we analyze the user’s IP address, it is located in a different country which is 1,000 miles away.
Amount and Quantity
The order and quantity are also above average transaction values. Fraudsters will usually order large quantities of items to maximize their returns.
Addresses
The shipping address is being listed as one of the forwarding service providers. The actual item will be forwarded to another address for collection upon the fraudster’s further instructions.
The shipping address, billing address, and IP address locations are all different. In this case, the fraudster is using a proxy server, mail forwarder, and stolen credit card to avoid tracking.
Email Domain
The order is being submitted using a disposable email address. The email address is easy to set up, anonymous and temporary.
Username and Password
The user name and password are too simple and generic. Fraudsters usually apply easy-to-remember account information.
Credit Card
The credit card number has been blacklisted due to prior exposure in a public area. The fraudster purchased this credit card information from underground trading forums.
BIN and Issuing Bank
The BIN number and issuing bank name do not match. Fraudsters usually only have partial credit card information except for the issuing bank information.
Many other techniques are not readily apparent when looking at the order forms such as transaction velocity and device fingerprints, both of which can also unmask a serial fraudster.
