Introduction
Credit card fraud is the biggest risk for e-merchants. While all businesses accepting credit cards face this, the Internet merchant is even more exposed. Brick-and-mortar businesses can verify a signature to prove the authenticity of the payment, but there is no such protection for businesses on the Internet. Due to this increased risk, the credit card banks hold Internet merchants 100% liable for the losses and expenses incurred as a result of credit card fraud. The defrauded merchants not only suffer the loss of product or services, but are also expected to pay a charge to defray the expenses the bank incurred from dealing with the fraud.
The amount of money lost to online credit card fraud is staggering. One market report estimated that more than $230 million in losses were suffered by Internet businesses in 1999 as a result. (See http://www.verifyfraud.com/merchantsite/highercost.asp for more information.) In a Forbes magazine report, the estimate for 2000 was over $600 million. (See http://www.forbes.com/2000/06/21/mu6.html for more information.) Another report states that in the UK, 9 out of 10 e-businesses were hit by online credit card fraud. Judging from these figures, estimates are that about $18 billion will be lost in 2002.
Internet businesses hardest hit by credit card fraud include computer suppliers (hardware and software), electronics, and music/game Web sites. This is primarily due to the products' popularity, the ease of resale, and the speed with which a criminal can dispose of them and turn a profit. With the increase in e-commerce business, it's certain that the amount of money lost to fraud will increase exponentially.
The main reason credit card fraud is so high for Internet businesses is the anonymity of the entire transaction. A "fraudster" makes purchases without presenting an actual credit card, signing a receipt, or being seen. Additionally, if physical goods are involved, the criminal will most often use a temporary address to receive shipment. These factors make it very difficult for a small- or medium-sized e-enterprise to track down even a fairly novice online culprit.
Proactive Solutions
While it is difficult to prevent credit card fraud, large e-commerce companies have begun to build systems that proactively check parameters entered on an order form while it's being processed. Many glaring footprints can identify a transaction as a fraudulent one. For example, a survey of more than 200 companies performed by the Saint Hamilton Group shows 163-plus companies reported seeing vulgar words entered as either a first name, a last name, or part of an address in an online order form. The same survey also reports that companies linked directly to their bank processors in real time via the Web were most susceptible to online credit card fraud. Therefore, I decided to develop a solution that would cut down on such incidents and created a component called SC Profanity Check.
SC Profanity Check
SC Profanity Check is meant to check form data fields for profanity. If profanity is found, it notifies the end user that the system has detected a potential fraud. Note that such an approach often tells the culprit they've been detected, thus scaring the hacker into either aborting the transaction or submitting their real information. You can download the component here.
Review the following HTML code:
<html>
<body>
<br>
<FORM action="demo1.asp" method="post" name="">
<center>
<table BORDER=0 CELLSPACING=0 CELLPADDING=0 COLS=1 WIDTH="50%">
  <tr>
    <td>
      <table BORDER=0 CELLSPACING=5 CELLPADDING=5 COLS=1 WIDTH="100%" BGCOLOR="#000066">
        <tr>
          <td><b><font face="Arial,Helvetica"><font color="#FFFFFF"><font size=-1>SC Profanity Check</font></font></font></b></td>
        </tr>
      </table>
      <br>
      <table BORDER=0 CELLSPACING=5 CELLPADDING=5 COLS=2 WIDTH="100%">
        <tr>
          <td><font face="Arial,Helvetica"><font size=-1>Text Field</font></font></td>
          <td><input type="text" name="textfield" size="30"></td>
        </tr>
      </table>
      <br>
      <div align=right><input type="submit" name="enter" value="Check For Profanity"></div>
      <br>
    </td>
  </tr>
</table>
</center>
</FORM>
</body>
</html>
Now look at how a few lines of code can help prevent credit card fraud.
<HTML>
<HEAD>
<TITLE>SC Profanity Check Demo</TITLE>
</HEAD>
<BODY>
<%
' Read the submitted field and pass it to the SC Profanity Check COM component
testword = Request.Form("textfield")
Set test = Server.CreateObject("scprofanitycheck.profanity")

' The result is compared against the strings "True" and "False"
If test.IsProfanity(testword) = "True" Then
    Response.Write "SC Profanity Check identified at least one profanity entered."
ElseIf test.IsProfanity(testword) = "False" Then
    Response.Write "No profanity"
End If

' Release the component
Set test = Nothing
%>
</BODY>
</HTML>
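The same idea applied to the three order-form fields named in the survey above (first name, last name, address), as an added example that is not the SC Profanity Check component or the author's code. It goes a step beyond a plain lookup by normalizing character substitutions and matching whole tokens only, so a legitimate address that merely contains a listed term is not flagged. The function names, field names, and blocklist terms are hypothetical placeholders.

```javascript
// Added example: not the SC Profanity Check component.
// BLOCKLIST holds constructed placeholder terms; a real deployment loads its own list.
const BLOCKLIST = new Set(["badword", "vulgarterm"]);

// Undo common character substitutions used to slip past exact matching.
const SUBSTITUTIONS = { "0": "o", "1": "i", "3": "e", "4": "a", "5": "s", "7": "t", "@": "a", "$": "s" };

function normalizeToken(token) {
  return token
    .toLowerCase()
    .split("")
    .map((ch) => SUBSTITUTIONS[ch] || ch)
    .join("")
    .replace(/[^a-z]/g, "")        // drop punctuation inserted between letters
    .replace(/(.)\1{2,}/g, "$1");  // collapse runs of three or more repeated letters
}

// Check each named field token by token. Matching whole tokens (not substrings)
// keeps a street such as "Badwordshire Road" from being flagged.
// The field names are assumptions about the order form.
function screenOrder(fields, fieldNames = ["firstName", "lastName", "address"]) {
  const flagged = [];
  for (const name of fieldNames) {
    const value = typeof fields[name] === "string" ? fields[name] : "";
    const hits = value
      .split(/[\s,;/]+/)
      .map(normalizeToken)
      .filter((t) => BLOCKLIST.has(t));
    if (hits.length > 0) {
      flagged.push({ field: name, terms: [...new Set(hits)] });
    }
  }
  return { suspicious: flagged.length > 0, flagged };
}

// Constructed sample orders.
const sampleOrders = [
  { firstName: "Ann", lastName: "Lee", address: "12 Badwordshire Road" },
  { firstName: "B4dw0rd", lastName: "Lee", address: "1 Main St" },
  { firstName: "Ann", lastName: "Lee", address: "5 v.u.l.g.a.r.t.e.r.m Lane" },
];
for (const order of sampleOrders) {
  console.log(JSON.stringify(screenOrder(order)));
}
```

The returned object lists which fields matched, so the caller can either show the notice described above or log the order for review.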
About the Author
Michael Chiam is the CEO of Saint Hamilton Group, a leading credit card fraud detection and risk-management company. He has been programming in C/C++ since 1993. His areas of expertise include Visual C++, C++, C, Java, Visual Basic, ASP, XML, SQL Server and other expert systems. He's an expert in credit card fraud detection and credit card processing systems. In his spare time, Michael Chiam is also a venture capitalist and angel investor. He can be reached at michaelchiam@sainthamilton.com.
Reprinted from 15 seconds.