suspicious e-commerce transaction characteristics:
- First-time customers. This one is tricky. New customers are exactly what you should want, but you have to be careful. Criminals can use stolen cards for a very short time, so they are always looking for new victims. Once they commit a fraud at one merchant, they usually move on to another and never come back.
- Larger-than-average orders. Similarly to the previous item, large orders are something that should be welcome. Yet, you need to be careful, especially if they are placed by new customers. Stolen bank cards have a very limited life span so criminals will try to maximize their profits by buying as much as they can before the account is closed. Placing large-size orders are one way of doing that.
- Orders for several similar or identical items. Just as is the case with larger-than-average orders, purchasing multiple items of the same kind is a way of maxing out stolen cards as quickly as possible. Criminals don’t typically buy items for personal use but for resale, so all they care about is how quickly they can flip them.
- Overnight delivery. As criminals don’t much care about shipping costs, because they are not paying for the item, they are more likely than legitimate customers to forgo a free or lower-cost delivery option in order to get the merchandise as soon as possible.
- International shipping addresses. A large number of fraudulent transactions are shipped to international addresses. The Address Verification Service can only work for U.K. addresses outside the U.S., so it will be your decision whether or not to accept orders from abroad.
- Payments with similar card account numbers. Software that generates false card account information is widely available and is often used by criminals. Account numbers generated by such tools are often similar and your fraud prevention system should be able to identify them.
- Multiple orders shipped to the same address. This may indicate that criminals are using a stolen batch of cards or have fraudulently generated account numbers.
- Multiple orders on one card in a quick succession. Such an activity may indicate that a criminal is attempting to run up a stolen card’s credit line as quickly as possible, before the account is closed.
- Multiple shipping addresses. Similarly to the previous scheme, a criminal, or in this case more likely a group of criminals, may be using a card multiple times in a short period of time, but this time the orders would be going to several shipping addresses. You will need to decide whether or not to accept orders where the shipping address differs from the billing one.
- Multiple orders from a single IP address, but with different cards. Such a pattern may indicate multiple orders placed from the same computer, even if different names and shipping addresses have been used
