ID fraudsters beating AVS trap
26 January 2004 | 4089 views | 0
Research by e-security software vendor ClearCommerce Europe has found an almost 80% increase in fraudulent payments that have been validated with Address Verification Systems (AVS).
Systems that verify a customer's billing address with an address on record are currently the most widely used fraud detection system for online retailers in the US. But, according to the ClearCommerce Fraud Data Consortium (CDC) - a database of Internet transactions compiled from online merchants - the rise in ID theft means that fraudsters are increasingly gaining access to cardholder billing information, allowing them to sail through AVS screening.
The research shows that most merchants trust orders with a full address match, so fraudsters who assume cardholder's identities can escape checks.
The vendor says the rise in identity theft has created new avenues for fraudsters to commit online crime and that a single fraud-prevention system, such as AVS, will not protect merchants from fraud.
ClearCommerce recommends that online merchants implement a multilayered fraud-detection system that includes order-screening rules, merchant-configurable velocity checks, neural network risk scoring, international IP address location and an automated order review assistant to address fraudulent activities.
In addition, mechants should set up a 'negative database' that contains key information from previous fraudulent orders such as shipping addresses, e-mail details, IP address and credit card numbers. New orders should be compared to the negative database and those that have matching characteristics should be flagged for review.
Alan Smith, business development director, ClearCommerce Europe, says fraudsters zero in on merchants to attack quickly without warning, resulting in a significant financial impact.
"Informing retailers that reliance on AVS screening is not a complete fraud solution is one way to begin to combat the problem," says Smith.