Security is our top priority in every respect. With 256-bit SSL encryption and PCI-DSS, our payment gateway meets all the security requirements of the credit card companies. This means that your customers feel they are in good hands when shopping in your online shop.
Have each transaction authorised. You increase your security when you have every card transaction authorised by us.
A transaction authorisation reduces the risk of complaints, as the card issuer checks whether the card is valid, whether there is a block on the card and whether the cardholder has sufficient funds to make the purchase. In principle, every transaction must therefore be authorised. However, an authorisation does not mean a guarantee of payment. If you receive a refusal on your authorisation request, you should not carry out the transaction. Unauthorised transactions can lead to complaints – with high financial risks for you.
If your customer complains about the goods or service, you should contact them quickly and directly.
If complaints are processed immediately, the customer is satisfied and you can avoid unnecessary chargebacks and the associated costs for you. It is advisable to issue credit notes as soon as possible. If credit notes are not posted promptly to the customer’s account, this can lead to a complaint and possibly a chargeback of the turnover.
In case of a chargeback.
If the cardholder sends a complaint to his/her card-issuing bank, we will contact you directly. As a rule, we will ask you to provide proof of the card transaction in question and, if necessary, other information relating to the transaction. Please note that we are bound by the deadlines set by the card organisations when processing complaints. In order for us to be able to clarify the complaint in your interest, please send us the requested documents within the time frame specified by us.
Obtain the correct information from the orderer.
Bei der Abwicklung von Fernabsatztransaktionen sollten Sie stets darauf achten, dass Sie mindestens die folgenden Daten vom Besteller abfragen:
In addition to the above data, you should make a note of the following information:
Always ask the orderer for the card verification number!
The card verification number is an important component of the card data and serves to protect against card misuse in distance selling transactions. The card verification number is used as part of the authorisation process to check whether the customer has the card and thus to exclude the misuse of card data. The number must not be stored in your systems under any circumstances.
Support the modern authentication procedures in eCommerce.
The 3D Secure procedures introduced by the card organisations (Verified by Visa®, Mastercard SecureCode™, American Express SafeKey®, J/Secure™ from JCB) considerably increase the security of eCommerce transactions. They enable the authentication of the cardholder during the payment process via a password query. By supporting this procedure, you minimise your complaint and failure risks enormously. For your own security, we therefore prescribe the use of these procedures in eCommerce as a matter of principle.
If you use a payment gateway, make sure that your provider supports the aforementioned requirements. Here, too, you are on the safe side with our Internet Payment Gateway (IPG). Just get in touch with us.
Keep the transaction documents safe!
In the case of written orders received by post or fax, the purchaser’s signature must be obtained on the order form. Please keep the documents relating to the transaction in a safe place in order to be able to provide appropriate proof in the event of a complaint. It is also advisable to keep proof of the service rendered or goods delivered.
Security procedures in distance selling
In face-to-face business, i.e. card acceptance directly at the point of sale, the merchant has the possibility to immediately verify the authenticity of the card and the authorisation of the cardholder. In contrast, merchants who offer their goods or services in distance selling – the so-called “card not present environment” – face the problem that neither the card nor the cardholder are present. This makes it much more difficult to check for possible misuse, which at the same time also means that distance sellers have to bear a higher risk from misuse and chargeback offences.
In order to make payment processing for distance selling transactions secure and to minimise the risks, the international card organisations have developed security procedures with which misuse of cards on the Internet or in MoTo transactions can be reduced or even prevented.
The use of these security procedures not only has the advantage for you as a merchant that you protect yourself from possible financial damage from chargebacks. At the same time, studies by card organisations also show that secured transactions generate significantly higher turnover amounts on average. You also strengthen your customers’ trust in your company: Because a customer who feels secure when using his card in your shop and whose payment is processed without any problems will certainly not only purchase goods or services from you once.
3D Secure procedure
Merchants who support the 3D Secure technology are granted a so-called liability shift by the card organisations. This significantly minimises the chargeback risk for internet merchants. For chargebacks where the cardholder claims not to know or not to have carried out the transaction (these account for almost 80% of all chargebacks), the card-issuing credit institution is liable, with a few exceptions, regardless of whether the cardholder actually authenticated himself during the payment process or not.
In order to be able to process 3D Secure-secured transactions, a so-called “Merchant Plug-In” (MPI) must be integrated into your online payment system. Simply contact your payment service provider about this. They will certainly be able to provide you with the corresponding software. Are you looking for a secure solution? We would be happy to recommend our Internet Payment Gateway (IPG). Just get in touch with us.
Card verification number
The card verification number is a three-digit, sometimes four-digit number that is affixed as a security feature on the back and, with some providers, also on the front of the card. By requesting the card verification number during the payment process on the internet, but also during telephone or written orders (MoTo), it is possible to check whether the customer is in possession of the genuine card.
During the authorisation request, the card verification number given by the customer is compared with the number stored in encrypted form in the system of the card-issuing institution. If both numbers match, it can be assumed that the card is actually physically in the customer’s possession. This prevents the misuse of tapped card numbers by unauthorised third parties. Studies have shown that fraud rates can be reduced by up to 70% simply by querying the card verification number.
What to do?
Simply integrate the card verification number as a query feature in your payment system. This can be done without much technical effort.
Please note, however, that the card verification number must not be stored and/or kept by you under any circumstances after authorisation – neither in paper form nor electronically!
Billions of card transactions are made every year. Although the majority of these card transactions are undoubtedly made by legitimate cardholders, it unfortunately happens from time to time that cards are also misused for fraudulent activities. You can actively contribute to combating and preventing misuse – look out for the clear signs.
Noticeably agitated and hectic behaviour as well as an attempt to distract you or the intention to get you to process quickly may be signs that the card is being used fraudulently – be careful here! If you are unsure whether the customer is the legitimate cardholder, simply ask to see a valid identification document such as an identity card, passport or driving licence.
Does the map look real?
Does the card look genuine or can you see signs that the card has been tampered with? A blurred print, uneven embossing or a smudged signature strip are the first indications of a counterfeit or tampered card.
You can also recognise counterfeit cards by the fact that typical holograms are not even present or the UV security elements are not visible under a UV inspection device. When presenting the card, check that all features are properly present.
Do the card data match the data on the benefit voucher?
The card number and expiry date on the card must be identical to the data printed on the benefit voucher. If this is not the case, there has clearly been card manipulation. Therefore, please compare the data even before you return the card to the customer and reject the transaction if there are any discrepancies. In this case, please contact us if possible.
Signature verified?
Do not return the card until you have checked that the signatures on the receipt and on the card match. For card transactions made with card and PIN, the PIN entry replaces the signature.
You have doubts?
Simply call our customer service on
+49 69- 348 740 250 an.
We are here for you!
In face-to-face business, it is possible to check the authenticity of the card and the authorisation of the cardholder directly. In contrast, merchants who offer their goods or services in distance selling face the problem that neither the card nor the cardholder are present. This makes it more difficult to check for possible misuse. Distance selling, i.e. eCommerce and MoTo, therefore require increased vigilance.
Look for clear signs
There are a number of clues that point to possible fraud. In these cases you should be particularly attentive:
We recommend:
Set maximum amounts that can be paid with individual cards within a day. Check for orders placed with multiple and consecutive card numbers and monitor card sales by card number, transaction count and transaction volume. A number of such parameters can be pre-set in our Internet Payment Gateway (IPG).
Strange behaviour with telephone orders
Beware of customers who hesitate or appear unsure when asked for personal details as part of the ordering process. This is often an indication that the person is using a false identity. Customers who place seemingly random orders (“I’ll take one of each!”) are a potential risk, as the goods are probably not for their own use but for resale.
Express deliveries
Express deliveries do not necessarily have a fraudulent background. However, they can be characteristic of the “hit and run” type of fraud, where goods that are easy to sell are acquired in order to resell them quickly. In the case of express deliveries, it therefore makes sense to check whether you already know this customer.
Suspicious addresses
Orders where the billing address is different from the shipping address can potentially be risky, especially if shipping is to a PO Box or office address or to an exotic address. Assess the risk of a transaction based on the goods ordered, the value of the goods and the delivery address provided.
Our tip:
Log cases where problems have occurred in the past. Repeated orders with the same card or an identical delivery address have a higher than average incidence of recurring problems.
You have doubts?
Call your acquirer immediately.
Or give us a call: +49 69-348 740 25-0
We are also here for you!
We are a payment service provider and commercial network operator and are in direct contact with well-known acquirers and system providers.
We are here for you:
Mo-Fr 09:00 -17:30
Hotline
+49 69 – 34 874 025-0