Chargebacks & Ecommerce Merchants’ Rights

Typically, credit card chargebacks are so few and far between that most ecommerce merchants feel they aren't worth the hassle of disputing. Unfortunately, when that mindset persists, it exposes the business to continuous losses via chargeback fraud (i.e. when consumers initiate unwarranted credit card chargebacks for items they knowingly purchased in an attempt to avoid paying for them.)
While it’s true that the work involved is time consuming, disputing chargebacks with consistency is important limiting financial losses over time. Establishing step-by-step guidelines can greatly reduce the burden of disputing chargebacks. But, creating these procedures requires some due diligence on your end. To start, you should understand what merchants’ rights are extended to you by each of the credit issuers you work with. Visa, Mastercard, et. al., have rules in place that, when adhered to, grant rights and protections to merchants in chargeback disputes.

The rules and regulations from credit card issuers often place a burden of proof on either the merchant, the customer, or both. For example, let's say Visa has a rule in place that a customer cannot file a chargeback unless they have attempted to return the item. The customer would need to provide proof of return. Merchants should make sure that each transaction is thoroughly documented (ID verification during checkout, delivery confirmation, etc.) so they can easily provide supporting evidence when filing a dispute.

Essentially, by thoroughly understanding your merchants’ rights and meticulously recording all the relevant transaction information, you’ll have the foundation necessary to streamline chargeback disputes so they take up less of your time – and money – over the long run.

Social Engineering Prevention Guidelines for CSRs

Information security is an ever-evolving issue for ecommerce sites. Even though technology has done a lot to stop them, fraud tactics are always changing in response to those countermeasures. In some cases, there's just not much technology can do. Take social engineering – when a fraudster posing as their target manipulates customer service representatives into granting access to the target's account or private information – for instance.

Also known as voice-phishing, or “vishing,” the practice is less common than email-based phishing but every bit as dangerous to ecommerce. According to the education and awareness website,, the average cost of a successful vishing attack against a business is $43,000 per account compromised.

Most companies require customer service representatives to follow a multi-step process for authenticating callers before proceeding with service on an account. However, CSRs are also trained to keep customers happy. Whether it's because caller sounds irate or threatening, or the caller sounds authentic because they passed some parts of the authentication process (usually with information trawled from other areas of the internet), CSRs may share information that risks security with the intent of providing a good customer experience.

Unfortunately, calls to a live person don’t undergo the same digital fraud checks that online transactions do. To prevent scenarios where a CSR feels bullied or lulled into complying with an insecure request, companies need 1) a comprehensive flowchart of authentication steps with clear explanations of what to do when the caller can’t provide the required information 2) strict requirements for following protocols, and 3) assurance that managers trained for those scenarios will provide necessary support.

By training customer service teams to recognize social engineering and giving them the resources to stop fraudsters from stealing account data, ecommerce companies can protect their customers while still providing great service.

The Importance of Balancing Your Anti-Fraud Efforts

Fraud is a consistent problem for ecommerce businesses. It’s tempting to utilize all the fraud prevention tools at your disposal to ensure that nothing seeps through the cracks. Unfortunately, fighting too hard against fraud can negatively impact your users’ experience and overall sales. While a 0% chargeback ratio sounds great, it’s not worthwhile if it means you are turning away 10% of your legitimate customers due to false flags from your security solutions. More...

Common Types of CNP Fraud to Watch Out For

Fraudulent activity for card-not-present (CNP) transactions has been sharply increasing. According to an article from, credit card fraud is expected to more than double by 2018, reaching $6.4 billion. The enhanced security of EMV chip cards have influenced fraudsters to focus on “easier” CNP transactions. Plus, with the US markets finally adopting EMV technology, cross-border credit card fraud is expected to increase as well.  More...

3 Ways to Battle CNP Fraud

Fraudulent activity for card-not-present (CNP) transactions has been sharply increasing. According to research from ACI Worldwide, online retail fraud attempts have increased 30 percent year over year. While part of this is due to the increasing success of the ecommerce industry, the enhanced security of chip-and-PIN cards utilized by brick-and-mortar retail have influenced fraudsters to focus on “easier” CNP transactions. More...