We are starting to experience a small number of fraudulent orders and are wondering if anyone else has some ideas on how we can help cut down on some of these.

Currently, we have our credit cards set up to require CCV, but we do allow people to send packages to addresses other than bill to address (since many of our products are sent as gifts).

One of the most common situations we have found is when a bill to address is in the US and the shipping address is overseas...that, for us, has almost always been a stolen credit card. 

What we are doing now is emailing customers we believe that have placed a fraudulent order and asking them to paypal us the money for there order as there was an issue with their credit card.

This is a pain, and I am sure we are probably losing some legit business because of it, so I am wondering how other people are cutting down on the risk of fraud.

Any ideas?

Hi thrion, a simple phone call to the card holder gives you an almost 100% guarantee that the order is legitimate. As you pointed out, it is often quite easy to spot orders that might be fraudulent. A phone call can help.

Refusing orders from free e-mail accounts can also help (e.g. hotmail.com, yahoo.com, etc.), as most fraudulent orders are placed through a free e-mail account that allows the buyer to remain anonymous.

NOTE: whenever possible, don't "authorize & capture" orders, but rather "authorize only" and then process them at a later time, after you have confirmed their accuracy and legitimacy. Most payment gateways integrated into ProductCart give you this flexibility. Some of them (Authorize.Net, USAePay, PayPay Website Payments Pro, PayPal PayFlow Pro, NetBilling) allow you to then settle the pre-authorized transactions automatically by contacting the payment gateway again using the "batch processing" feature.

We get one of those order once every 2 month now.  It used to be more, but there are a few things you can do.  Thieves sometimes place a small orders to see if it goes through, before they go for the big stuff.  We process our orders offline so the customer get an order confirmation.  Thieves very often think the card is good, when this happens.  The key is to discurage them from doing so.  So change your order confirmation text and state that the order has not been processed, but will after the card has been verified.  Also state that you only process cards that verify and that you will report any card that seem to be suspicious.  Put this online as well.  Secondly, never corresponded to them, because you are giving them valuable information in regard to being spotted.  Even sendind an order cancellation notice is to much.  We simply block their account, which means they have to get another email address before they can try again.  This practice has worked well and the attempts have gone done a lot.  You may report those cards as stolen, but remember the card companies track your report and I'm not sure if that works against you.  Your best defense is keep your eye open and spot fraudulent orders.  Block countries from signing up for accounts known for theft.   We went through each country and deselected a lot of them.  Customers who are real will contact you, if they have a problem.  BTW Paypal can be used without  a bank account but a credit card.  It is safer, but not fool proof.

Katharina