Credit Cards


Peanut Butter Jelly Time...for fraud?

Peanut Butter Jelly Time...for fraud?

By Jason Solano

The Directade Business Rules Series is taking a look at the practices, processes, and settings that help to power Direct-To-Consumer and Subscription businesses. Each week we’ll cover new questions related to Business Rules best practices that can help companies optimize their sales funnel and increase customer lifetime value.

This week we’re focusing on three tough questions related to credit card processing. We suggest you discuss these questions with your Finance and Marketing teams, your credit card processor, and industry experts like us.

1. Should you require the CVV (Card Verification Value) in your shopping cart?

Card security codes, commonly known as CVV codes, vary differently by each credit card brand.

Requiring the security code in your shopping cart can increase authorizations, reduce chargebacks, and help block many types of fraud.

The downside is the potential decrease in your conversion rates. The fast, seamless checkout flow you desire is affected by the amount of information you require. Plus, some consumers may not want to provide their security code.

If you do require the security code, it’s ideal to display a card-specific graphic for your customers. Having this in your cart will help them locate the code. Another important tip for subscription companies - DON’T store the security code. It’s against PCI standards and you will be penalized.

2. Do you allow gift cards, both reloadable and un-reloadable?

If you’re engaging in simple one-off e-commerce, your risk is low and you should take both kinds of gift cards.

However, the answer may not be that simple. If you’re running a subscription business with your profitability dependent on recurring revenue, gift cards can pose some serious challenges. For example, a gift card can be used by some customers who really want to try your product at a low price, but absolutely don’t want to risk being charged for their first full-priced recurring shipment.

Gift cards are the peanut butter to a fraudster’s jelly. I’ve seen individuals build staggeringly large businesses on Amazon and Ebay by re-selling products purchased with stacks of gift cards.

If your brand offers low introductory prices and payment plans, you should seriously consider prohibiting (at the very least) un-reloadable gift cards for your subscription membership offers.

3. Do you force deposits for some credit card authorization declines?

Some companies utilize a practice called a forced deposit or forced settlement when an authorization can’t be obtained or the charge failed due to an authorization decline.

Many of these transactions may have failed due to a technical issue or a temporary lack of funds from the customer. However, the practice is heavily discouraged by payment processors and often carry transactional fines. The likelihood of chargeback also increases with forced deposits.

It’s very difficult to justify this practice as customer friendly despite disruption caused by a failed transaction.

Find more insights from Directade here



By Jason Solano

Directade’s Business Rules Series is taking a look at the practices, processes, and settings that help power Direct-To-Consumer and subscription businesses. Each week we’ll cover new questions related to Business Rule best practices that can can help companies optimize their sales funnel and increase customer lifetime value.

We start off this week with some questions about credit card authorization.

Do you authorize credit cards before accepting a new order?

A very common answer to this is “of course I obtain a pre-auth before I take an order.” However, the practice of obtaining a pre-authorization has been discouraged by Visa since 2009 (via additional fees and declines) because the typical $1.00 pre-auth is an early sign of fraudulent card-testing. Getting an authorization is still a necessity in order to verify funds prior to accepting an order, since a settlement still takes several days to process. In order to avoid potential declines, it’s important to make sure you’re obtaining the authorization for the full amount.

What do you do with new orders that do not pass credit card authorization?

Declining orders due to a failed credit card authorization may seem like the only prudent choice, but you should consider a few other options. Authorizations fail due to two primary reasons: the cardholder has insufficient funds in their bank account or they have exceeded the limit on their credit card account. What do you do next? Both of these instances are likely to be temporary. Presuming you’ve provided a feedback loop that includes asking for a different card, you might consider still taking the order. Work with your credit card processor and fulfillment center to hold the order and recycle the authorization. Re-contacting the potential customer via e-mail or an outbound call might be worth the cost and effort. Shipping the order with an open invoice is another much riskier option, so only consider that if you have excellent fraud detection rules and a tolerance for potential write-offs. Remember that your media is a sunk cost, so any recovery will quickly impact your bottom line.

Next time: How does your billing really look to your customers?