While it's challenging to entirely eliminate the threat of fraud for e-commerce stores, you can quickly investigate an order before you fulfill it.
Payment fraud is a false or illegal transaction, that was not authorized by a customer. Fraudulent transactions can cause you to lose money.
A customer can contact their bank and claim that they shouldn't have been charged for a particular transaction. If the bank considers the customer’s claim as valid, it can issue a chargeback. This chargeback pulls the purchasing funds from the merchant and returns them to the customer.
Fortunately there are steps you can take to reduce the number of fraudulent orders. Read on to learn what you can do to prevent payment fraud.
You can greatly reduce the number of fraudulent orders you receive if you are using a secure payment gateway that uses Address Verification System (AVS) and checks the Card Verification Value (CVV) data.
AVS compares the numeric parts of a billing address stored on a credit card to the address supplied by the customer at checkout. CVV is the three or four digit number on the back of a credit card and is a security feature used to prevent card-not-present fraud.
Ecwid is integrated with secure payment processors that are trusted worldwide like PayPal, Square, Stripe, Authorize.Net and others. Here you can see the full list of Ecwid's supported payment gateways.
Fraudsters often use non-valid phone numbers to place orders online. So you can call the number on the order and if someone answers ask them simple questions about their order. If they know the order details and communicate normally, the order is likely to be valid.
In Ecwid you can require customers to leave a phone number on checkout by enabling the correspondent option in your Ecwid admin, go to Settings → General → Cart & Checkout:
A fraudulent order is likely to have a shipping address that does not match the billing address. If the two addresses belong to different countries or continents, the order is potentially fraudulent. We recommend emailing or calling the customer on the phone and asking them for a payment proof.
If you receive multiple failed orders from the same person, we suggest contacting the customer using the information provided at checkout to find out what problems they might have.
In case there are multiple orders with different billing addresses and names, but they all share the same shipping address, this can be a sign of fraud.
The IP address from which an order was placed can indicate potential fraud. You can find the IP address that is associated with the order in the Customer section of the Order detail page in your Ecwid admin, go to My Sales → Orders, order details page:
We suggest contacting the customer and verifying the authenticity of the order in case the customer's IP address is located in a different area from their billing address.
You can also use the free web tools to look up the geolocation and other information about a specific IP address: http://www.whatismyip.com/, https://whatismyipaddress.com/, https://www.ip2location.com/, https://www.myadminip.com/
In rare cases, your store can become a target for spam orders. That means you may have been getting a large number of orders with attempts to pay for them via payment cards with invalid card numbers or incorrect CVS. Or maybe some customers are wardrobers. Whatever the reason is, there are several ways to restrict shoppers from buying in your store.
The first way is to install the Block Orders: Prevent Fake Orders app from the Ecwid App Market. It can block customers by email, phone, country, or IP address. The app costs 5.21 USD for a monthly license, 12.50 USD for quarterly, 40 USD for annual, and 250 USD for a lifetime license.
The second way is to limit your shipping settings to your country only so that orders from other countries can't be placed. For instance, you sell in the US. In that case, limit the destination zone for all your shipping methods to the US.
To limit a zone for your country only:
- From your Ecwid admin, go to Shipping & Pickup and click on the shipping method you need to set up.
- Click Manage zones.
- Click Add New Zone.
- Click Add Country to restrict the zone to a specific country:
- Select this country from the list (it’s the United States in our case) and click Add countries to confirm your choice.
- Click Save.
Done! Now only customers from the US will be able to place orders from you.
The third way is to restrict IP addresses for sites built with WordPress and other site builders.
Wix currently doesn’t have a feature for blocking IP addresses, but you can reach out for their support for any possible workarounds.
If your site is built with another software, contact their support for possible solutions.