Prevention is the cure ...

Credit card fraud prevention

E-commerce web design is a key service which we offer, so we thought it appropriate that we have information relating to the often overlooked but important area of credit card fraud.

E-commerce web design is a key service which we offer, so we thought it appropriate that we have information relating to the often overlooked but important area of credit card fraud.

The following article reviews the phenomenon of credit card fraud with a focus on Internet transactions. It addresses the issues related to the fraudulent use of credit cards in the Internet environment and what can be done by Web designers and merchants to minimise it happening.

Credit card fraud

"Fraud: (frd) -n.
 A deception deliberately practised
 in order to secure unlawful gain."

Credit card fraud costs Australian business 100 million dollars annually. While this may seem like a lot of money to most of us it fortunately only represents a tiny fraction of all transactions which occur every year. This means that the vast majority of people using credit cards are honest folk who enjoy the convenience and security offered by these financial services. It also means that the probability of getting stung by a fraudster is quite low.

We don't believe one should become paranoid regarding this issue, however by following a few basic common-sense rules the probability of being stung by credit card fraud becomes insignificantly low.

Credit card fraud can occur if your client is standing in front of you in your shop, phoning or faxing through an order or if they're on the other side of the world sitting behind a computer terminal using your e-commerce site.

Credit card fraud on the Internet

The anonymity offered by the Internet makes it difficult to detect fraud. When an Internet credit card transaction occurs a merchant essentially, has only the relevant numbers on the card with which to proceed with the transaction. His natural intuition cannot serve him as it would were the client standing in front of him.

There is also no signature to back up the order. This means that the onus is on the merchant to prove to the bank that the true cardholder authorised the purchase. If the merchant cannot do this, he or she can end up wearing the loss.

Before the advent of secure transaction servers it was possible to steal credit card numbers in transit between a merchant's web site and their e-mail server. Through the use of secure socket layers (SSL) it is now virtually impossible to steal credit card numbers during a transaction. Most people refuse to hand over their credit card and personal details unless the web site is secured by these systems.

Minimising internet credit card fraud

Fraudulent credit card practices are an important consideration for the merchant in both online and over-the-counter purchasing. While it's important to maximise payment methods to offer convenience for your customers, at the same time merchants should take extra care with their procedures for processing card transactions.

The best way to prevent fraud is caution and common sense. With careful assessment of the cardholder or transaction, you should be able to minimise the risks of fraudulent credit card sales.

To help minimise the risk of fraudulent credit card use we have compiled the following list of characteristics to look out for.

  • Large one-off purchases allowing a fraudster to minimise their chances of being identified
  • Multiple unit orders that maximise resale value and profit potential of the goods being ordered
  • Multiple transactions on one card or similar cards with a single billing address but multiple shipping addresses that indicates fraudulent activity by an organised, large-scale group
  • Orders shipped to a single address but made on multiple cards
  • Orders shipped to Post Office boxes that provide anonymity to fraudsters
  • Orders shipped "rush" or "overnight" to deliver fraudulently obtained items as soon as possible for quick resale
  • Orders shipped to a country you do not normally deal with where the goods would be readily available in the local market
  • Orders from internet addresses using free e-mail services that do not require a billing relationship or verification that an account was opened by a legitimate cardholder. (Research indicates that a high percentage of fraudulent transactions are initiated through the free, web-based or e-mail forwarding services)

CVC Numbers

This is the credit card's Card Validation Code. The Card Validation Code, Card Validation Value or Card Identification Number (CVC for MasterCard / CVV for Visa and CID for American Express) is a security code printed on the credit card.

This code was introduced as a means to counter credit card fraud because it cannot be obtained from an imprint of a credit card. Asking for this number can help prove that the actual credit card (not just the card numbers) is in the possession of the person using it.

For American Express, it is a four-digit code found on the front of the card. For MasterCard and Visa, it is the last three numbers that are displayed on the signature panel on the back of your credit card.

CVC number example

Authorisation is NOT authentication

Remember that card authorisation does not identify to whom the card belongs or who is placing the order over the Internet. The fact that a transaction is authorised does not guarantee the card number quoted by the customer has not been stolen. Authorisation only confirms that the funds are available and that the card has not been reported lost or stolen. It does not guarantee payment.

The key to reducing Internet fraud is verification
of the customer's identity and address

While authorisation is helpful, it should be combined with other integrity checks if you have reason to suspect the transaction.

What to do about fraudulent credit card orders

If you suspect an order as being fraudulent consider the following options:

  • Request the cardholder fax the front and back of their credit card to you, along with suitable identification (eg. Driver's Licence)
  • Request the name of the cardholder's bank. If the fraudster is not aware of which bank the card number belongs to, they may not proceed with the order.
  • Confirm orders separately before shipping by follow up phone call, phone number verification and address verification
  • If all else fails you can always decline the order

Merchant Fraud Video

The following link takes you to the National Australia Bank web site's credit card fraud video which provides important information for fraud prevention.

Click here for the Merchant Fraud Prevention Video.


The Internet gives merchants access to a global marketplace of millions of potential clients. The rewards of success are phenomenal. Every year more and more transactions occur on the Internet as people become more comfortable and confident in the technology. As the technology evolves it will become increasingly harder to defraud the system.



Back to top of page
  We are located in the Warringah Shire on Sydney's Northern Beaches.
Phone: 0408 843 664

(C) Copyright 2022 by Daniel Vidoni. All rights reserved.