I summarized last week several little-known ways that small e-commerce sites can reduce credit card fraud and chargebacks. My list included checking the address and other identifying features of a customer's order before approving the transaction
and shipping the product.
That feature brought me several appreciative reader remarks. But Joel Finkle, CTO of JustForKidsBooks.com, had the best feedback. My tips focused on shipments to
North America and the
United Kingdom
, where order-verification services are strong. Finkle feels there are other steps you need to take, especially on international orders. I'll let him say it in his own words:
"We've found one major hole: Charges processed by Verisign's online processing service, for cards whose addresses are outside of the
U.S.
, do not check the address whatsoever. And because it's a bigger risk, the vendor (us) gets charged extra, of course.
"This means that a purchase to be shipped to, say,
Indonesia
on a stolen card need only match the name -- and list
Indonesia
as the billing address.
"Our general policy is that if an order has a different country for the shipping and billing addresses, we want a fax or e-mail
with a scan of both sides of the credit card. We've had exactly one customer balk at this, so we happily shipped to her billing
address, and she took care of sending it overseas.
"Another policy that has avoided fraud is basic 'smell checking:' if it doesn't sound legit, it probably isn't. Nearly every
situation where we suspect a fraudulent order, and we request a card image, we never hear from the customer again. Perhaps
we're losing business, but we're certainly losing risk.
"So what smells bad for us? We sell children's books, which are, to a large degree, not good items for theft: small value,
big shipping costs, and not easy to turn over quickly. So if we get a big overseas order for European comics such as Asterix or Tintin, dictionaries, and a couple of other categories, it immediately sends up flags. ...
"A final note is that there seems to be no mechanism to report fraud from the merchant's side of the world. You can report
your card stolen, but there's no avenue we've found for a merchant to report an attempt at theft."
JustForKidsBooks.com is a true mom-and-pop site, with Finkle's wife, Sue, performing the role of president. They speak from experience about chargebacks and feel the policies they've adopted are saving real dollars. There's nothing at their site about credit card fraud, but
you might enjoy taking a look at it anyway: http://www.justforkidsbooks.com http://bri.li/4e80
- - - - - - - - - - - - - - - - - - - - - - - - - - -
E-BUSINESS BOOK REVIEW: SPEED UP YOUR SITE
We've all heard the rule that a Web page should display within eight seconds, more or less, to keep visitors from jumping
to someplace else. Now Andrew King's new book, "Speed Up Your Site: Web Site Optimization," not only provides scientific evidence for that directive, it shows you the tricks that
make it happen.
Web site optimization, in King's view, is not just speeding up the download time of your pages. Instead, it's intimately tied
up with how users must flow through each page in order to find information or buy something. He supports his findings with
detailed explanations of how to optimize HTML, XHTML, CSS, JavaScript, graphics, and even keywords for search engine listings.
This is dollars-and-cents stuff. See: http://www.amazon.com http://bri.li/0735713243
- - - - - - - - - - - - - - - - - - - - - - - - - - -
LIVINGSTON'S TOP 10 NEWS PICKS O' THE WEEK
1. Patent holder wins suit, seeks immediate halt to BlackBerry service: http://www.nj.com http://bri.li/448
2. Oceanfree.net sells one hour of mapping for 50 cents via cell phone: http://www.bizplus.ie http://bri.li/830
3. Details of how the above micropayment system works in one country: http://interactive2.iol.ie http://bri.li/c18
4. Expert tells his marketing secrets for mom-and-pop e-businesses: http://www.webtalkguys.com http://bri.li/1000
5. Developer David Stutz leaves Microsoft, saying it's not getting the Net: http://www.crn.com http://bri.li/13e8
6. Google buys Pyra Labs, the largest of the Web log platforms: http://weblog.siliconvalley.com http://bri.li/17d0
7. Which of the many certification programs are best for developers? http://www.builder.com http://bri.li/1bb8
8. Vendors competing to sell secure, corporate instant messaging: http://www.newarchitectmag.com http://bri.li/1fa0
9. Robots that look back at you are the new computer "interface": http://news.bbc.co.uk http://bri.li/2388
10. Why being smart made you an outcast in secondary school: http://www.paulgraham.com http://bri.li/2770
- - - - - - - - - - - - - - - - - - - - - - - - - - -
WACKY WEB WEEK: THE STUPID SECURITY AWARDS
Someone's finally stated the obvious: a lot of the new security measures imposed recently in the
United States
have nothing to do with security but are "pointless, intrusive, stupid, and self-serving."
That's the view of Privacy International, a coalition of human rights groups, which is sponsoring "The Stupid Security Awards."
The contest is now accepting nominations, including one from a computer security expert who calls today's airport measures
"NERF-based security -- it looks real, but doesn't hurt anyone if you're hit by it."
The contest will receive nominations until March 15. The "winner" will be announced in April. For more information, see: http://www.wired.com http://bri.li/c3b0
- - - - - - - - - - - - - - - - - - - - - - - - - - -
ABOUT THE AUTHOR: Brian Livingston is publisher of http://www.BriansBuzz.com. Research director is Vickie Stevens. Brian has
published 10 books, including:
Windows Me Secrets: http://www.amazon.com http://bri.li/0764534939
Windows 2000 Secrets: http://www.amazon.com http://bri.li/0764534130
You'll receive a gift certificate good for a book, CD, or DVD of your choice if you're the first to send Brian a Top Story
or Wacky Web Week he prints. Send tips to mailto:Brian@BriansBuzz.com with "tip" in the subject line.
COLUMN
enKoo
Xerox
Toshiba
Cisco
SAP
