Fraud Prevention & Control Options
CLICK HERE for the Anti-Fraud: Getting Started section.
As always, test your forms before making any changes live.
Unfortunately, fraud has become a "way of life" for credit card processing companies such as Visa, MasterCard, and American Express. The costs associated with fraud are passed on to the gateway, merchants, and customers. We do our best to limit the amount of fraud, and have created features to help you do the same.
If you determine that a customer is abusing your account by placing fraudulent transactions, please let us know so that we may take appropriate action.
Address Verification Service (AVS)
As part of every transaction processed, the customer’s address and zip code are sent to your processing network for AVS verification. The processing network returns an AVS "code" indicating whether the customer-provided information matches the information on file for the customer at their processing bank.
The processing network will not decline transactions based on an AVS response. However, the processing network returns an AVS code so that the merchant may decide whether or not to accept the transaction. An AVS code indicating an address and/or zip code match or mismatch is returned with each authorization and displayed in your transaction listing.
Since transactions are processed in real-time, you, as the merchant, must choose to have the payment gateway automatically void transactions for which the customer’s address and/or zip code do not match. This is done via your AVS setting. You must select one AVS setting for all of your transactions, but you may change this at any time via the "Account Settings" in your Control Panel.
Note: Most non-US banks do not support AVS. If you have foreign customers, you should consider setting your account to "Allow All" to prevent rejection of valid non-US transactions. As an alternative, you may set up a second "foreign only" account with its own AVS setting.
AVS Settings Available Are:
- NO VERIFICATION – All valid credit card transactions will be processed regardless of the AVS response.
- REQUIRE ZIP MATCH – Authorized card transactions will be voided if the zip code entered by the customer does not match the zip code on file at the processing bank.
- REQUIRE ADDRESS MATCH – Authorized card transactions will be voided if the address entered by the customer does not match the address on file at the processing bank.
- REQUIRE ADDRESS & ZIP MATCH – Authorized card transactions will be voided unless both the address and zip code entered by the customer match the information on file at the processing bank.
Card Verification Value Code (CVV)
The CVV code is a security feature for "card not present" transactions (e.g., Internet transactions), and now appears on most (but not all) major credit and debit cards. This new feature is a three- or four-digit code which provides a cryptographic check of the information embossed on the card. Therefore, the CVV code is not part of the card number itself.
The CVV code helps ascertain that the customer placing the order actually possesses the credit/debit card and that the card account is legitimate. Each credit card company has its own name for the CVV code, but it functions the same for all major card types. (VISA refers to the code as CVV2, MasterCard calls it CVC2, and American Express calls it CID.)
Please note that CVV data may not be stored by the merchant and is not stored in our databases. In addition, CVV options are not available for all networks. Contact support for details regarding your network.
The three-digit CVV code is printed on the signature panel on the back of the card immediately after the card’s account number, as show in this example:
Note that the CVV code is printed only on the back of Visa and Master cards and it is not contained in the magnetic stripe information nor does it appear on sales receipts or in confirmation emails.
The four-digit CVV code is printed on the front of the card above the card number. Note that this is not an embossed code; it is printed directly on the plastic, as shown:
As with AVS, you must select one CVV setting for your account for all transactions. You may change this at any time via the "Account Settings" in your Control Panel.
CVV Settings Available Are:
- NO AUTO-VOID – All successful credit card transactions will be processed, with or without a correct CVV entry.
- VOID IF CVV NOT ENTERED – A customer’s transaction will be voided if the bank indicates that a CVV code should exist on the card, but was not entered.
- VOID UNLESS CVV MATCHES – A customer’s transaction will always be voided unless the CVV code entered matches.
Lookup Values for CVV Are:
- M – Match
- N – No Match
- P – Not Processed
- S – Issuer indicates CVV2 should be present. Merchant indicates not present.
- U – Issuer has not certified for CVV or has not provided CVV encryption keys.
To include CVV functionality in your order form(s), you’ll need to include the following input variables: <INPUT NAME="cvv2_number" SIZE=5>
An example of this on your form would look something like this:
For your protection, we require that you enter the "CVV" number from your credit card.
VISA/MASTERCARD: The three-digit CVV code is printed on the signature panel on the back of the card immediately after the card’s account number.
AMERICAN EXPRESS: The four-digit CVV code is printed on the front of the card above the card number. Note that this is not an embossed code; it is printed directly on the plastic.
Don’t have a merchant account?
Get started with a secure merchant account.
Please do not hesitate to contact us with any questions.
PO Box 999
314 South 200 West
Farmington UT 84025-0999
Phone: (801) 298-1212
Fax: (801) 298-9789
For technical assistance, please submit a ticket via the iTransact Support Center.