Creating an effective dispute and fraud prevention strategy that best suits your business can help prevent fraud from occurring. By employing some of these best practices as part of your overall strategy, you can avoid excessive chargebacks and reduce potential customer burden and losses.
Omnibasis built tools for everyone that can leveraged to reduce fraud and dispute incidents.
Be clear and transparent with your customers
Clear and frequent contact with your customers can help prevent many of the reasons for disputes. By responding to issues and processing refunds or replacement orders quickly, your customers are far less likely to take the time to dispute a payment. Make your customer service contact information easy to find, keep customers updated throughout their order process, and provide updates about deliveries. Omnibasis offer omniCustomer product, an integrated customer centric management system with 360 view of your customers.
Note: You should include a clear description of your refund and cancellation policies in your terms of service. You can require your users to agree to your terms of service in order to increase the likelihood that card issuers respect your policies in the event of a dispute. Use Omnibasis omniTrust product to manage your customers consent and permissions and track user agreements.
Require Term of Service Agreement
Make your terms of service and policies easy to find on your website, and require customers to agree to them. Rather than simply linking to them during checkout, provide a full version of them on the checkout page or as a pop-up with a requirement to agree to them prior to submitting the order. Omnibasis makes it easy for you to customized a checkout experience, including any terms that you require customers to agree to. Use hosted payment pages and custom workflow to configure exactly what you need.
Show Complete Policy
Card issuers can be very specific about how you present your policies. If you have a checkbox your customer must accept that only contains a link, it can be rejected as unsatisfactory evidence that your customer was aware of your policies. There must be reasonable evidence that your customer was presented with a full copy of your policies prior to their purchase. Omnibasis requires customer to click the link and read the policy before accepting.
Track Shipping
When shipping physical goods to customers, use carriers and services that provide online tracking and delivery confirmation whenever possible. Provide this information to your customers as soon as it’s available (if you need to submit tracking information as dispute evidence, note that card issuers do not follow links so screenshots must be provided). Omnibasis is integrated with all shipping providers to automate shipping status update.
Use clear statement descriptors
Set a recognizable name for your statement descriptor through your account settings for a payment gateway. We recommend using your website domain or business name to ensure customers can easily identify their purchase when they look at their statement.
Statement descriptors are limited to between 5 and 22 characters. They must contain at least 5 letters and cannot use the special characters <, >, \, ', or ".
Avoid using the same tenant name on Omnibasis for separate businesses. Each tenant name and account should represent a single business, which allows for separate payment gateways and contact information. If you need to process payments for multiple businesses, create additional business tenants for each.
Consider proactively refunding suspicious payments
You should immediately refund any payment you’re sure is fraud. If you know you’re going to receive a fraud dispute on it, you can save yourself the dispute fee, the increase to your dispute rate, and the potential loss of product by fully refunding the fraudulent payment.
While fully refunded payments can’t be disputed by the customer, partially refunded payments still can be. Card network rules even allow for a payment that has been partially refunded to be disputed for the full payment amount.
However, sometimes you might suspect a payment is fraud, but your suspicions fall short of absolute certainty. Sometimes it makes sense to aggressively refund every charge that falls into this gray area and sometimes it doesn’t.
You might want to pursue an aggressive refund strategy if any of the following apply:
- Order not yet fulfilled. The loss of your product could be prevented by a refund. That is, if you haven’t already committed your product or service in some irreversible way by the time you suspect fraud, you might want to be more aggressive in refunding. Whereas if your product or service was irretrievable—for example, the product already shipped, or the service has already been used—it might make more sense not to refund, and to wait and see if it does turn out to be fraud.
- Excessive disputes. Your recent dispute activity has been excessive by card network definitions, which could put your account standing with omniPay at risk or put you at risk of being identified into a chargeback monitoring program.
- Chargeback monitoring program. You are already in a chargeback monitoring program and need to exit the program.
- New or small business. Your business has small enough payment volume (say, fewer than 100 payments per month) that one or two fraud disputes can have a very outsized impact on your dispute rate, even if you otherwise have little dispute activity.
If none of the above apply, you might want to be more conservative with how frequently you proactively refund charges you suspect are fraudulent.
Refunding a payment as fraud
To refund a payment, in the transaction details, select the payment and click Refund, mark it as a fraud. This refunds the payment and reports it as fraudulent to omniPay so that we can further improve our fraud detection.
Delay shipping orders
If you ship physical goods, consider delaying the shipment by 24-48 hours. This time gives cardholders a chance to spot and report any fraud on their accounts. You would still receive a fraud dispute in this scenario, but at least you would not lose the merchandise as well. Not all cardholders check their statements on a daily basis, however, and their card issuer may not proactively notify them about the transaction.
Customers that request overnight or expedited shipping should be considered higher risk, as the increased cost of such services is of no consequence to fraudsters. One tactic you can use to identify these types of payments is to offer same day or overnight shipping at a very high cost–many times more expensive than any other shipping option you provide.
It’s far less likely that any legitimate customer would pay such a high cost, but a fraudster would want the goods to be shipped as soon as possible and have no regard for the additional cost. You can then manually screen any customers that opt for the anomalously expensive shipping option and scrutinize the order to determine if it looks genuine.
Ship to a verified address
Shipping to a verified billing address which has passed postal code and street address checks is the safest option. When using an address that has not been verified, you cannot prove that the order was shipped to the legitimate cardholder if the payment is later disputed.
Note: Omnibasis provides an integrated address verification that utilizing Google Maps address service.
This doesn’t prevent you shipping to a different address, though you should do all you can to mitigate the risks involved. For instance, you may only want to ship orders to a different address for returning customers you already know to be legitimate, or who provide a fully verifiable billing address. In addition, any of the following could indicate the payment is suspicious:
- The order is much larger than normal, or is only for your most expensive products
- The customer changed the shipping address after placing the order
- The customer requested expedited shipping
- The products ordered have a high resale value
- The shipping destination is different from the billing address or the card’s country of origin (for example, the billing address is in Spain, but the shipping address is in France)
Reviewing the order and the shipping address information can help you determine whether or not the order presents an unacceptable risk to you.
Benchmarking your dispute rate
Your account’s dispute rate is an important metric to use when reviewing the efficacy of your disputes and fraud prevention methods. You can regularly review these metrics in your omniPay Dashboard to see the impact your dispute prevention strategies are having.
Fraud Prevention Tools
Fraud prevention tools for fighting fraud that is built into Omnibasis and requires no additional integration work or extra fees.
Manually review payments
omniPay includes a review feature that allows you to place certain payments into review—though keep in mind that these payments are still processed and the credit card charged. These payments are placed into the review queue for you to take a closer look at. If you suspect the payment is fraudulent, you can refund it.
You should review payments that omniPay has placed into your review queue as soon as possible. Payments with an elevated risk of fraud are automatically marked for review. You can also create additional rules to customize the types of payments that should be placed in your review queue.
Here are some considerations when reviewing a payment:
- Does the billing address match the shipping address?
- Has the billing address been verified by AVS? Does it also match the card’s country of origin?
- Does the customer’s email address match the cardholder’s name?
- Is this an order that the customer has asked to be expedited?
- Have multiple orders from different credit cards originated from this same IP address?
- Has this customer made many order attempts that have been declined?
If you’re unsure about a payment when you’re reviewing it, you should always contact the customer by phone or email. If a payment’s billing and shipping address don’t match, look into the shipping address using integrated Google Maps & Street View links to find out more. A common tactic that fraudsters use is to have orders shipped to a freight or mail forwarding service or storage facility that forwards the goods to their actual location.
Use fraud prevention rules to automatically block payments or place them in review
Fraud prevention tools are built directly into the payment flow and combines a customizable rules engine with powerful machine learning algorithms. It can detect patterns across payments from every business processing payments with omniPay, assessing the risk of each one.
Using rules, you can automatically evaluate payments based upon your specific detection criteria and take the appropriate action on them. You can also create rules that use multiple criteria, allowing you to allow or block payments that meet multiple conditions. Each business faces different risks.
Country and card type limiting
If you’re experiencing increased fraud coming from certain countries, you can set up rules to block payments from any country you do not want to accept payments from, using the Ip Country and Card Country rules. For example, you can create the following rule to block all payments and cards originating from Canada by adding Canada to Block list of Ip Country and Card Country. Similarly, if your business only supports the country it operates in, you can create a rule that blocks any payments from all other countries. For example, a rule to block payments that don’t originate from Australia is: Allow Only if Ip Country and Card Country is Australia.
You can set limits on which type of cards to accept, either by brand, (for example, Mastercard), or by funding type (for example, pre-paid). This can be particularly helpful if you see excessive fraud from certain card types. To block payments from all Visa-issued debit cards, an example rule would be to configure block for Cards Visa and Funding Debit.
Collect as much payment information as possible
Some disputes are lost because only the minimum information was required during checkout. This makes it difficult (sometimes impossible) for omniPay or the card issuer to verify that the customer is legitimate. For instance, while a billing postal code is not always necessary to process a card payment, including it allows the payment to be verified by the card issuer. If verification fails, consider rejecting the payment as this may be an indication of fraud.
Use hosted payment pages and custom workflow to customized checkout and fraud detection to ensure your integration is best equipped to provide relevant payment information, such as:
- Customer name
- Customer email address
- CVC number
- Full billing address and postal code
- Shipping address (if different from billing address)
- Tracking information
Programmatically verify your customer’s identity
For some, verifying the identity of customers can be beneficial. Consider using Omnibasis omniVerify to verify a government ID and match with a selfie of the document holder. Alternatively, you can also ask customers to connect their Facebook or LinkedIn accounts as a further proof of identity. This is an extra step that a fraudster might not take. Of course, some legitimate customers may not want to go through this additional step either, and your conversion rate may suffer as a result.
Use authorize and capture when creating payments
Credit card charge attempts are processed in two parts. The charge is first authorized by requesting authorization for the amount to charge from the card issuer. After a charge is approved, by default it’s then captured immediately afterwards and the amount deducted from the card.
A capture later payment flow (sometimes called “authorize and capture”) is the process of performing these two steps at separate times. The authorization can be made first, which holds the amount on the card and appears on a customer’s statement as a pending transaction, but does not actually move money out of their account. The charge can then be captured any time up to 7 days after the authorization. Capturing a charge completes the payment and the funds are deducted from the customer’s card. If a charge isn’t captured within the time limit, the authorization is automatically released.
Similar to delayed shipping, this method can allow enough time for potential fraud to come to light, giving you the option to carefully review—and potentially refund—the transaction. Cardholders cannot dispute uncaptured authorizations, only fully captured payments.
Set a custom statement descriptor for each payment
The statement descriptor is the text that appears on customers’ card statements with information about the company that’s associated with a payment. One way to use a statement descriptor is to insert a short, random code that your customer then has to verify. When you suspect a transaction might be fraudulent, you can contact your customer and ask them to give you the code that is shown on their online statement, and if they do not, you would refund the payment.
You can either edit your default statement descriptor within the payment gateway configuration or set a dynamic statement descriptor whenever a payment is created through the payment workflow.
While this method can’t help against a fraudster who may have access to a cardholder’s online card issuer or credit account, this is rare. Using the statement descriptor in this manner can provide reassurance that the customer is likely to be genuine. As with some other prevention methods, the added customer friction of this method could lead to some legitimate payments being refunded.