In recent years, many online businesses have become increasingly concerned with the challenges and costs that are associated with online credit card fraud. Unless otherwise indicated, the term “credit card fraud,” as used herein, refers to any fraudulent purchase or transaction that involves the use of a credit card, debit card, smart card or any other such payment card. Similarly, the term “payment card,” as used herein, refers to any type of credit card, debit card, smart card or other such card that can be used as a means of purchasing things.
In a traditional face-to-face credit card transaction between a buyer and a seller, physical presence offers a level of security based in part on the ability of the seller to obtain the buyer's signature along with an imprint, swipe or scan of the buyer's card. The information obtained from the buyer's card can be used to determine, for example, whether the card is a valid card that has not been reported lost or stolen, and whether the card has sufficient free credit available to fund the current purchase. In other words, an initial check is performed to insure that the payment card is at least listed as active and in good standing with the appropriate credit authority. Typically, if the card satisfies this initial verification stage, the seller will proceed with obtaining the buyer's signature so as to compare it against the signature on the card. In some cases, such as when the card has not been signed, or when other factors dictate that additional precautions be taken, the seller may require the buyer present a second form of identification such as a driver's license. Other, more advanced credit card fraud prevention techniques have also been developed over the years. These include, for example, the development of payment cards which have anti-tamper signature areas, holograms and even the etched image of a card's owner.
When transactions are completed in person, the implementation of these and other such precautions typically allow merchants to avoid liability in the event that fraud occurs. In such cases, the issuing bank that approved the transaction will usually bear the burden of the chargeback. On the other hand, when a merchant is completing a transaction in which a payment card is not physically presented—as occurs for orders placed via phone, mail order, fax and the Internet—the merchant is almost always liable. In other words, each of the fraud protection techniques described above is of little or no value when it comes to transactions that are performed remotely (e.g., via phone or the Internet), as the merchant never gets to see the credit card and verify the signature. As a result, the merchant (and not the card issuer) is almost always responsible for losses from sales that are made in this way.
More particularly, Internet credit card transactions fall under the heading of MOTO (Mail Order/Telephone Order) transactions, which are also referred to as CNP or Cardholder-Not-Present transactions. As indicated above, many credit card merchant account agreements leave the merchant one-hundred percent liable for fraud committed via a MOTO (or CNP) transaction. Thus, any fraudulent transaction that occurs via phone, mail order, fax or the Internet often results in a “chargeback” for the merchant who made the sale. This means that when there is a dispute over a charge (such as a fraudulent use of a credit card by the buyer, or a cardholder's winning of a dispute over whether the charge was authorized), the online merchant must pay back the amount of the original charge, plus any penalties, to the cardholder's bank. Furthermore, if a merchant experiences a high level of chargebacks, the merchant can often be hit with an increase in the discount rate they have to pay on each transaction. In some cases, the merchant may even have their account terminated, and, once lost, a credit card merchant account can be extremely difficult to obtain again.
Today, online merchants are strongly encouraged to implement a number of protections that may help to reduce the risk of online credit card fraud. Some of these protections include, for example, the use of Address Verification Systems (AVS) where available, checking to make sure the shipping and billing address match, avoiding purchases that involve free e-mail accounts, and calling the cardholder if there is any reason to doubt that the person receiving the merchandise is not the authorized cardholder. However, despite the implementation of these and other such protections, phone, mail-order, fax and Internet shipment fraud is often still perpetrated for the simple fact that vendors conducting business on a cardholder-not-present basis cannot mange the physical credit card verification process.
A need therefore exists in the industry for improved credit card verification systems and methods that overcome deficiencies in the prior art, some of which are discussed above.