Announcement

Collapse
No announcement yet.

Carding and other fraud

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Carding and other fraud

    Several times during the past year, we have been attacked by a series of fraudulent transactions on our old payment processing system. The payment processor has called it "carding". Since we are switching to Click & Pledge, I would like to know how this system will interrupt such transactions. Some such transactions have all of the correct account information including address and security code. Will these transactions be accepted by Click and Pledge? A greater number of transactions have the correct security code but incorrect address. Will these be rejected by Click and Pledge?

    Basically, I need to know how the anti-fraud systems identify suspicious activity.
    Tags: carding, cv3, cvc, fraud, protection
    • #2
      Good day!

      We employ various methods and third party provides as well as AVS to identify fraud and block suspicious activity. Of course no method is 100% guaranteed and there is always leakage.

      We guarantee to waive all fees associated with fraud so if any fraudulent transactions occur all chargeback and associated fees are waived.

      Please let us know if we can be of any further assistance.
      Regards,
      Click & Pledge Support Department

      Join us @ the educational webinars: https://clickandpledge.com/webinars/
      Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

        Comment

        • #3
          OK, thanks. I guess we'll see how things go once we go "live". Having trouble with iPage and GeoTrust. They are saying it may be as much as a month before they get it fixed. Yikes!

            Comment

            • #4
              Good day!

              I am not sure I understand. iPage has problem with an SSL provider? how can that be?

              can you not use another SSL provider? The following site can give you a lot of options at very good prices: http://servertastic.com

              Not sure how we can help.
              Regards,
              Click & Pledge Support Department

              Join us @ the educational webinars: https://clickandpledge.com/webinars/
              Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

                Comment

                • #5
                  Why are you surprised that iPage would have a problem with an SSL provider?

                  They apparently have an exclusive agreement with GeoTrust, so we can't get a certificate anywhere else.

                  I wasn't asking for help. Just stating a fact. Thanks for the suggestions.

                    Comment

                    • #6
                      Good to know..

                      will help others in the forum just in case.

                      thank you for sharing.
                      Regards,
                      Click & Pledge Support Department

                      Join us @ the educational webinars: https://clickandpledge.com/webinars/
                      Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

                        Comment

                        • #7
                          You're welcome.

                          Along these lines, I was thinking about the security of the account information present in the code of a typical FaaS form. Would it be prudent to hide the account number and/or GUID somehow? Otherwise, a credit card thief could duplicate our form and rapidly issue transactions on our account. What would prevent this? Is there a way to create a form with PHP or Javascript such that the critical information is not sent to the donor's computer?

                            Comment

                            • #8
                              Good day!

                              You are bringing up a good point.

                              When we design forms we write a Javascript and read the account information through that file. The problem with doing it this way is that older browsers won't be able to run the form if JavaScript is not supported, IE 8 and earlier- especially if your JS library is a new version not supported by those browsers.

                              From a security perspective you have a few other options available.
                              • Account Info > Profile > API Information


                              click to enlarge
                              Click image for larger version Name: API_Security.jpg Views: 1 Size: 100.7 KB ID: 15450

                              You may use the Allowed URL's and add the URL from which a transaction may be processed. Make sure to test and enter the correct URL otherwise all transactions will fail due to URL validation error.

                              I believe based on what you are stating to be a concern the above will address your concern.
                              Regards,
                              Click & Pledge Support Department

                              Join us @ the educational webinars: https://clickandpledge.com/webinars/
                              Live Support- read more: https://support.clickandpledge.com/s/article/general-information-live-support/

                                Comment

                                Previous template Next
                                Working...
                                X
                                😀
                                🥰
                                🤢
                                😎
                                😡
                                👍
                                👎