Comment by GnarfGnarf
3 years ago
TL;DR: If your fraud-prevention measures are too stringent, you will alienate your honest customers. Relax just enough so that the losses to fraud are less than what business you would lose if you were any more strict.
True, but we don't always get the balance right.
Take, for example, many sites asking for the CVV code when using a saved card. In many cases, why?? If I supplied the CVV once and I haven't changed anything since what's the chance a subsequent order is fraud?
There's also the problem that some anti-fraud measures would have to be implemented by the credit card company but they're not the ones that eats the cost. I could see a market for a credit card with better terms but where you must approve every transaction with an app on your phone--but how do you make that work in the current marketplace?
I have a credit card that supports virtual numbers--but it's a pain to use. Their benefit, but a hassle for me.
> True, but we don't always get the balance right.
Agreed :)
> Take, for example, many sites asking for the CVV code when using a saved card. In many cases, why?? If I supplied the CVV once and I haven't changed anything since what's the chance a subsequent order is fraud?
As a fraud risk manager, I've seen this scenario way too often: Say you have your card saved on a merchant website - fraudsters can often compromise your login on said merchant site and go on a spending spree with all your saved cards (unless you ask for a CVV from time to time, that is).
Spending spree on what? What do they gain? You ask for the CVV again if anything changes about the delivery.
>I have a credit card that supports virtual numbers--but it's a pain to use.
I just got an email from Capital One pushing me to link my card with Google Checkout because it would use a virtual card number for each transaction.
The merchant is not allowed to store the CVV in its database. Need it every time.
No, it's quite possible to do a card transaction without the CVV, it's just considered higher risk. However, once a customer has shown they're real and it's shipping to the same address the risk is much lower, the chance that the card is stolen is minuscule.