> >Has anyone come up with a satisfactory system for giving the user info > >on the result of their pre-auth, but preventing fraudsters from > >testing stolen cards? > > The Authorize.net configuration will email the GPG'd credit card Should I just write some ITL to email [value mv_credit_card_info] if I don't get a valid response from Authorize.net? That would be simple enough. > info, you can decide if you are going to just authorize, or capture > each sale . The system I work with, just authorizes transactions, > then posts for settlement upon shipment in the admin UI - this > feature is built in since (5.4?). > The only drawback on authorizations: if the customer attempts to > complete a sale and it takes 2-3 attempts, using incorrect billing > address or zip, and they finally get it right on the 4th try - each > attempt to validate the card locks up the funds for about 24 hours. > So if they try to finish a sale for $100.00 ,4 times, they have > reduced their available credit by $400.00 until the first three > attempts clear - this doesn't happen often, but some people get a > little irate about it. > > I wrote some custom code which limits the number of times that they > can attempt to test a credit card for valid billing address and zip > code, then locks out further attempts, also added CVV test - this > really put a damper on fraudulent activity, but doesn't stop it all. > We capture international cards without authorization, for later > review - we have a really strict policy on international cards on > unknown customers. I like the idea of sending the payment info to Authorize.net without any type of authorization. Which charge type accomplishes that? > Once you dig into the processing of credit card/payment processes, > can do just about anything you need. > > Steve If sending the payment info to Authorize.net succeeds and I don't email [value mv_credit_card_info], can that payment info be said to never be stored on my machine? I think it would only be in memory right? - Grant _______________________________________________ interchange-users mailing list suppressed http://www.icdevgroup.org/mailman/listinfo/interchange-users
Mail converted by mhonarc 2.6.15
This archive provided courtesy of JSW4.NET, Internet Hosting Services for Small Business.