OnVerify.com serves Web Business’ to reduce fraud, verify or notify users, bridge online business tooffline business. OnVerify.com helps Web Business’ by keeping fraudulent users out, by AutomatedPhone Verifications.OnVerify.com provides following services:
1. Phone Verification (Announce Pin on Phone, Enter Pin on Web)
2. Reverse Phone Verification (Announce Pin on Web, Enter Pin on Phone)
3. Sms Verification/Notification (Any Mobile Phone)
4. Fax Notification (Standard Faxes)
The main technologies that OnVerify.com based on: Telephony, SMS and Fax.
OnVerify.com provides HTTP API and SOAP API.
The main sectors that OnVerify.com serves:
1. Online Gaming/Game Currency
2. Online Food Ordering
3. Online Credit Card Processing
4. Online Ad Networks
5. Online Investment Business
The main advantages of OnVerify.Com can be summarized as:
- Everything works in real time
- Very competitively priced. Starts from 3.72 cents per answered call.
- Flexible voice prompt system with built-in TTS, and Wav files. Zero cost to customize the message.
- Voice prompts can even be customized on the fly, during the verification/announcement initialization with parameters
- Built-in TTS (English, French, German, Italian, Spanish)
- Works for all types phones and worldwide
- High Capacity
Free e-mail account is very easy to setup than to setup an e-mail address with a company in background together with a web site. There are lots of companies refuse to do business with free e-mails. I do not suggest to completely avoid, but what I say that you must be careful with the orders done with free e-mails. Free e-mail is another positive point to your fraud scoring system.
Also, keep in mind that, marking an order for extra check for fraud, depends on your business model. If you target end-users, or let your customers try before buying, your customer may want to try or buy with a free personal e-mail. On the other side, if you explicitly sell to companies, or your products are highly priced, you must watch free e-mails.
AVS is short for Address Verification System, which simply tries to map/match the the address given with the card holder’s address. This technology by it’s implementation is a weak one, and cannot be highly regarded due to several reasons: A recent change in address causes negative responses. Service only available in US and a few EU countries.
AVS provides following common results:
A – The address matched, but the zip code did not. This is for Mastercard, Visa, and AMEX users.
Y – Address matched, but the zip code did not for a Discover card user.
B – The street address was a match, but the postal code was in the wrong format for the international user.
C – The street addresses and postal codes were formatted incorrectly.
D – The street address and postal code match for an international user.
E – There was an error.
G – The service is not supported by a non-US user.
I – Address information was not verified by the international issuer.
M – T street address and postal code match for an international user.
N – There is no match for the zip code or the address.
O – No Response was sent.
P – While the postal codes match, the street addresses cannot be verified due to inconsistencies in the formats.
R – You should retry. The system is temporarily unavailable or has timed out.
S – The server is not supported by the user.
U – The address information is unavailable.
W – The nine digit zip code matches, but the address does not.
X – This is an exact match.
Y – Both the address and the zip code match.
Z – The five-digit zip code matches, but the address does not.
0 – There is no response.
Unless your customer base is not US only, do not use AVS. Just IP to county/city mapping will bring more information.
BIN is short for Bank Identification Number. It’s the first 6 digits of the credit card. BIN (first 6 digits) maps to a bank.
A BIN database provides the merchant with information about the issuing bank such as the country it is located in, the customer’s billing address and other helpful information. The merchant can use this information as a factor in deciding whether or not to approve a transaction. If a card’s BIN is not found in the database, the merchant can decline the transaction to avoid fraudulent activity.
Many online merchants also use BIN databases to determine what type of card is being used to pay for a transaction, such as a credit, debt, or prepaid card. The reason for this is that prepaid cards have a higher rate of fraud. Many merchants use a prepaid flag that will alert them when the card is prepaid so they can either inspect it more closely or simply reject it to be safe. Putting such practices into place can significantly reduce a merchant’s risk of loss from fraud.
Following information can be cross-checked and can add scoring :
- Customer’s country and Bank’s country will most probably match. A mismatch may be flagged
- Prepaid cards can be flagged.
One of the most notable database is available at: www.binbase.com
Shiply founder, Robert Matthams, was last night named as Most Outstanding Entrepreneur and overall BT Essence of The Entrepreneur 2009. Amongst hundreds of entries and 20 finalists, Shiply were awarded a £10,000 cash prize and photo shoot from world renowned photographer Rankin. For more information visit his blog
Free e-mails are easy to setup than domain names/web sites. Any order from a free e-mail service must alert you (+1 fraud score). Fraudsters will try to hide after a free e-mail service.
As I noted previously all orders are done from well know ips. If the ip maps to a proxy address, this is 100% fraud. If it does not map to a proxy server address, you can check
- IPlocation country to billing address country
- IPLocation city to billing address city
- IPLocation provides some Latitude and Longitude value. You can calculate the distance to billing address. Any distance bigger than 1000 kms must warn you (+1 fraud score)
- You can also check phone number against valid prefixes for IPLocation city/country and billing address
- You must check zip code against city/country of billing and IPLocation address
Customer’s do connect from an internet connected device; meaning it has got a unique ip. Customer’s ip is really important, you much check and watch:
- If the ip you catch is a valid ip
- If ip is proxy ip (+1 to your fraud scoring system). Some fraudster will try to use anonymous proxy servers to be anonymous and untracable.
- All ips converts to country (%98) and city (more than 70%). The must match billing and/or shipping country and city. A mismatch must alert you (+1)
There are several companies that provide ip to location services. Two of the most noticable ones are: www.ip2location.com and www.maxmind.com.
Customers usually use different addresses for shipping and billing. A Fraudster will also do the same, and more. An order of a valuable item to some mailbox, must catch your attention. (+1 to your fraud scoring system)
So you must validate and correlate shipping and billing addresses and information (Address Line, City, State, Country, Zip Code, Phone):
An address can be checked in itself as:
- Address can be validated from some web services. For USA orders USPS apis can provide you more information if this address is valid or not. Google Maps or Yahoo Maps provide similar information.
- There are databases for Zip Code to Area Code and visa verso. In a given zip code area code of the phone numbers are known before (except mobile numbers)
- Ip Address to Country and even City Check. When order is done, it’s done over a well known IP (If it’s done over a proxy address you can totally discard the order, no need to go further). There are several solutions that map an IP to Country and City level in address. So a check for IP Address mapping will help
Shipping and Billing Address can be checked for:
- Country check. It’s very low probable to order to another country from another country. +1
An order of 75 pair of shoes must alert you. Fraudsters will try to order in bulk, so that they can turn these products into cash in bulk. Remember to investigate multiple orders given in a short time; total of 75 pairs of shoes in 24 hours by 30 seperate orders (to same shipping address or from same ip) is another alert and another point to your own fraud monitoring system. The main difficulty is the ability to distinguish last minute orders in high season, here your experience will work
