Today’s prepaid card and phone environment allow users to reload funds or top off the value, via the Web, phone or customer service representative, using a credit card. This is called a card-not-present transaction and is accepted as long as the bank provides an authorization for the amount requested. But is this enough to protect against fraud?
When a merchant agrees to accept credit cards, it also agrees to perform validation to ensure the owner is the person using the card and the card is valid. While this is relatively straightforward in a brick-and-mortar location, the electronic medium is more vulnerable to fraud.
The recommended approach for the card-not-present payment is to verify fully all card payments using the following criteria: card number, expiration date, street address and security code. It sounds simple enough. Yet, many merchants fail to validate the address and zip code, thinking that if the requestor of service has the card’s security code, then he or she must have the physical card in their possession and be the owner of the card.
Why would a merchant not complete the validation process? Consumer buying history has shown that the more obstacles placed in front of the consumer, the less inclined that consumer is to hurdle them. Adding another validation step may provide that final barrier to the end user, who is just looking for an easy way to add minutes and may migrate to merchants that provide easier methods.
More likely, it is a cost issue. Simply adding a zip code can increase the length of time for a phone call on an automated system or the time it takes a representative to ask and receive the information. A simple 10-second increase across 100,000 calls per month costs a merchant 278 hours of talk time. That is a real cost to the business. But those who look at these types of costs must understand the other costs that may impact the business even more.
It is easy to remove obstacles. It is easy to add all validations. But the questions one must ask are: Does it provide the business with a long-term plan? What are the impacts and will your credit card processor really support you?
The Credit Card Process Participants
There are five main entities in a credit card transaction:
- The credit card companies (Visa, MasterCard, Discover and American Express)
- Credit card issuing banks (Discover and American Express are their own issuers)
- The card processor who provides the gateway, the interface to the issuers and the settlement process
- The bank that supports the merchant’s account with the credit card processor
- You, the merchant
Visa, MasterCard, Discover and American Express provide the overall rules that their member banks and card issuers must follow or risk losing their ability to process credit cards.
Rule No. 1: A merchant cannot have greater than 1 percent fraud. Rule No. 2: If a product or service isn’t delivered to a physical address as ordered, then it becomes the merchant’s responsibility. In the prepaid phone arena, the responsibility for fraud protection has been put back on the merchant.
