Givecloud has a handful of built-in features you can use to help manage payment risk and prevent fraud.
What are the risks?
One of the most costly risks to anyone accepting payments online (whether it's a nonprofit or an online business) is fraudulent payments. A fraudulent payment is typically a payment processed on a stolen card. If the payment is successful and you are unaware that it is a fraud, you could encounter a very costly chargeback.
Another common problem involves carding or carding bots. A carding bot is a nefarious automated script that tests the validity of a massive number of stolen cards by processing one micropayment on each card. This is done by targeting an online payment form and trying to process as many cards as possible. Of course, this can be done by a human as well. However, when a bot does it, the attack can be sophisticated, large-scale and costly.
How do I prevent fraudulent payments?
Payment gateways, processors and banks all have OPTIONAL built-in mechanisms to help prevent fraud. They involve:
declining payments where the card data doesn't match what the bank has on file
declining payments below a certain amount
declining payments where the IP address doesn't match the country the credit card belongs to
These methods can work but not ironclad. In fact, they can make it more difficult for legitimate donors to give. Perhaps they are innocently misspelling their address, or their address has changed, or they're on vacation in another country, or they want to give a small donation.
How can Givecloud help?
We have a handful of features that allow you to:
Identify fraud and refund those payments before a chargeback hits. This is done through our AVS, CVC and GeoIP Risk Indicators. The idea is to allow all payments through and give you the power to see the risk level after the payment has been processed. Who better than YOU to decide whether there is fraud.
Identify carding attacks and secure your payment page to stop the attack. This is done using our Carding Bot Prevention and Authorization Rate Monitor. If Givecloud detects a spike in failed payments on your Givecloud account, it will force all users trying to pay on your site to prove they are human. This method makes it nearly impossible for a bot to operate on your site and makes it very difficult for a fraudster to continue exploiting your payment form.