rpghost
First Post
If there ever was a reason for letting someone else handle your order processing for you, this has got to be it... (sorry if this is the wrong place for this):
You'd think with all the fees credit card companies charge you and with the "protection plans" they offer at a premium that some of that money would go toward preventing and correcting fraud. You'd think they'd punish the law breakers.
Problem is, for the most part hackers DO get away with it. The credit card companies and the processors in the middle (don't get me started on all the idiots in the middle who take a share of a single charge and could care less about service) all still make thier
money and still charge you the processessing fee even if it was fraud. If I happen to ship something out that's even worse. They don't care about the fraud and don't want to even hear about it.
For example, the other day a $3,600+ order went through when I
was gone. A hacker was using a large $ value to find valid card numbers using our gateway (not any cards we have but randomly generated ones). I called the processor to tell them it was fraud, did they care what it was or who's card was being abused? No. They didn't even ask nor do they even care to follow up on any fraud at all. Would they refund me the $75+ fee they charged me for just processing the transaction? No. Their statement is: "it's your website and your problem. You need to credit the card back yourself."... so I'm out the time and hassle, the hacker gets clean away, and I'm stuck with a large fee for them doing nothing other then approving an obvious fraudulent charge - and for what reason other then I was not in town that
day and didn't catch it. This hacker runs some stupid program to hack cards, I am stuc paying 35 cents for every attempt and he does hundreds a day. When the banks do finally report a trasnaction as fraud it is usually 60+ days later and you've already sent out product (lost 10 shirts just last month and RPGNow sends products right away) and they have the nerve to even charge you 20 more dollars for the chargeback.
As such, I've really tightened up my security around here. I'm using the 3 digit code on the back of the cards now, but that's not even for sure as not all cards have it. I think it's refused more valid attempts then any fraud. I'm now restricting checkout not to allow an order over $500 to go through. RPGNow will no longer show the links at checkout and only sends them in email. I'm blocking this guys IP address ranges but he keeps changing it.
In short, the merchant is always screwed, the credit card companies and the banks don't care about fraud as they don't usually get stuck with the bill anyway. So they don't even bother to trace it down. What's that all mean? Well it means my operating costs for credit cards are well above the 5% mark. This has been going on for years... everyone looses (including the victim's card that got abused and now has to write a letter to their company and cancel their card) except the credit card processors.
James (in a wonderful ranting mood).
You'd think with all the fees credit card companies charge you and with the "protection plans" they offer at a premium that some of that money would go toward preventing and correcting fraud. You'd think they'd punish the law breakers.
Problem is, for the most part hackers DO get away with it. The credit card companies and the processors in the middle (don't get me started on all the idiots in the middle who take a share of a single charge and could care less about service) all still make thier
money and still charge you the processessing fee even if it was fraud. If I happen to ship something out that's even worse. They don't care about the fraud and don't want to even hear about it.
For example, the other day a $3,600+ order went through when I
was gone. A hacker was using a large $ value to find valid card numbers using our gateway (not any cards we have but randomly generated ones). I called the processor to tell them it was fraud, did they care what it was or who's card was being abused? No. They didn't even ask nor do they even care to follow up on any fraud at all. Would they refund me the $75+ fee they charged me for just processing the transaction? No. Their statement is: "it's your website and your problem. You need to credit the card back yourself."... so I'm out the time and hassle, the hacker gets clean away, and I'm stuck with a large fee for them doing nothing other then approving an obvious fraudulent charge - and for what reason other then I was not in town that
day and didn't catch it. This hacker runs some stupid program to hack cards, I am stuc paying 35 cents for every attempt and he does hundreds a day. When the banks do finally report a trasnaction as fraud it is usually 60+ days later and you've already sent out product (lost 10 shirts just last month and RPGNow sends products right away) and they have the nerve to even charge you 20 more dollars for the chargeback.
As such, I've really tightened up my security around here. I'm using the 3 digit code on the back of the cards now, but that's not even for sure as not all cards have it. I think it's refused more valid attempts then any fraud. I'm now restricting checkout not to allow an order over $500 to go through. RPGNow will no longer show the links at checkout and only sends them in email. I'm blocking this guys IP address ranges but he keeps changing it.
In short, the merchant is always screwed, the credit card companies and the banks don't care about fraud as they don't usually get stuck with the bill anyway. So they don't even bother to trace it down. What's that all mean? Well it means my operating costs for credit cards are well above the 5% mark. This has been going on for years... everyone looses (including the victim's card that got abused and now has to write a letter to their company and cancel their card) except the credit card processors.
James (in a wonderful ranting mood).
Ignore this.
