Helps E-tailers Avoid Chargebacks

If you’re worried about chargebacks, a new online service offers a chargeback history to help you weed out negative customers before they checkout.

Say the word “chargeback” in a room full of Web shop owners, and you'll hear the proverbial pin drop. Chargebacks—the return of funds to a customer through the issuing bank— are a headache for e-tailers.

Chargebacks should be a consumer's last line of defense against merchants, or they should be used to reverse unauthorized payments if fraud or identity theft occurs.  Unfortunately, some consumers use chargebacks as their first line of defense and initiate one before going through an e-tailer’s customer service. Also, a consumer can commit chargeback fraud by initiating a chargeback based on false claims.

For dishonest and unscrupulous e-tailers we don’t offer sympathy—but honest merchants can lose both the transaction funds and the goods or services being sold.  You need to invest time and money into disputing chargebacks, and you might have to pay a fee to your merchant account provider, even if the bank finds in your favor.  It can take months to clear a chargeback claim.

Brien Heideman, president of believes that smaller merchants and Web shop owners are often hit the hardest as a fraudulent chargeback can damage their reputation. If you have a new merchant account, for example, you could be in jeopardy of losing that account with just one or two chargebacks.  

Dealing With Negative Customers

Many e-tailers maintain their own database of negative customers. If a customer has previously issued a chargeback against you, then you might already have a system in place to prevent them from making another purchase on your site.

A new online service, called Badcustomer aims to help e-tailers, and anyone who handles Card Not Present (CNP) transactions, by offering a much larger database of bad customers to query before a sale is processed on their site.

 “When retailers partner with, they upload their negative customer data and in return they can query our entire database of chargeback customers,” Heideman said. “The benefit for retailers is that they have a much larger Internet blacklist database to query.”

How the service works is simple. When a customer with a negative chargeback history attempts to checkout on your site, while the credit card is being processed, Badcustomer’s database is pinged. If no bad customer information matches the person trying to check-out, then the transaction goes through.

 If, however, the ping results in a positive match, then the customer would be directed to where they can obtain information about chargebacks, learn why they cannot make a purchase from your site, and they can contact Badcustomer to get assistance.

Honest consumers who have submitted legitimate chargebacks in the past can be removed from the database after speaking with BadCustomer support. The company also offers advice to consumers on how to deal with e-tailers when they have a problem.

According to Heideman, the service is quite customizable so merchants can choose how much matching customer data they require before refusing a transaction.

“Retailers can choose to refuse a transaction based on a number of queries. You can, for example query Badcustomer just for a matching name and e-mail address, or based on a matching name, address, state and credit card number,” said Heideman. “The decision-making is left up to the retailers. We simply flag customers with known chargeback histories, and the retailers decide if they want to do business with that consumer or not.”

Share My Customer Data?

At a time when e-tailers are concerned with maintaining customer data integrity and meeting PCI regulations, the thought of sharing customer data may seem risky. 

According to Heideman, Badcustomer meets and exceeds current PCI DSS Level 2 compliance regulations; however, since the company also houses millions of records of sensitive data from numerous third parties, the company is voluntarily creating the processes, practices and documentation necessary to be certified at PCI DSS Level 1.

"We've already undergone a review with a certified QSA consultancy, but for us the implementation of the PCI standards has been easy as it has been an ongoing process since we launched our service,” said Heideman.  “However the 12-part PCI documentation process is taking considerably longer to complete.”

It is also important to note that while customer data is shared, no single retailer or person—not even Badcustomer's own IT staff—is able to view the specific information. According to the company, the database only pings a response when data is matched during a query; you cannot view a file or see any details.

Badcustomer doesn't store any credit card expiration dates and security codes. For any other stored sensitive data, Badcustomer uses AES 256 bit double-key encryption, with keys stored separately and rotated every 30 days. These are only a few of the security measures being used by the company to protect sensitive data.

Heideman said that security is a top priority for the company, and a full security measure disclosure is available to retailers interested in partnering with

The Badcustomer database and redirection services are free to any retailer who also shares their customer chargeback blacklist.

Vangie Beal is a veteran online seller and frequent contributor to She is also managing editor of You can tweet with her online @AuroraGG.

Do you have a comment or question about this article or other e-commerce topics in general? Speak out in the E-Commerce Forum. Join the discussion today!

Comment and Contribute
* Required Field
Your email address will not be published

Note: No advertising, no spam, no keyword in name/nickname field. Thank you!

Free Resources

Subscribe To Our Daily Newsletter