Read Bennett Gold LLP's privacy policies and practices regarding this web site.
LINK TO: Bennett Gold LLP's Privacy Policies and Practices. E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by Bennett Gold LLP, Chartered Accountants


SPECIAL NOTE TO ALL VISITORS:
Effective December 31, 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering articles from the period 1999 to 2012.


STOCKING UP: PREPARING YOUR SITE FOR THE HOLIDAYS

Source: Merchant Fraud Squad

Posted on October 8, 2001

      With predictions that this year's holiday season may be gloomy for merchants, it's even more important to clamp down on losses due to e-commerce fraud. Now's the time to start preparing, and to help you, here's a checklist of the basics:

Know who's naughty and who's nice:

      Before the holiday rush begins, read and understand all of the agreements provided by card issuers and by any third parties that process your site's charges. Once you understand your liability, you may be able pinpoint specific steps you can take to better prevent fraud.

Train your elves:

      During the holidays, there's twice as much to do in half the time-making it even easier for fraudsters to slip through the cracks. Before the season begins, take the time to educate your employees-especially the temporary holiday help-about the signs of fraud. In particular, remind them to pay more attention to items that are at a higher risk of fraud. http://merchantfraudsquad.com/members/membpages/ask_5.asp

      In fact, you should consider creating a "quick facts" card your employees can refer to when processing transactions or talking with customers. The card can cover the basics of finding fraud, or what to do if you discover a fraudulent sale. For help, see our article "Finding Fraud."

Make a list:

      You should always save e-mail or other correspondence between your site and your customers until you are certain that a charge won't be disputed. During the busy holiday season, you may want to extend this period. Retain explicit information, including what was ordered, when it was ordered, the shipping address, and the name and credit card numbers used. In addition, make sure your site has a program that documents your site traffic, including the IP address, date and time of order, and the duration of time a customer spends on your site, if possible. This detailed information not only helps in the pursuit of suspects, but also helps you build a case for prosecuting criminals.

Check it twice:

      Normally, a transaction should receive more scrutiny if it is with a new customer or the shipping address does not match the billing address. Since both of these scenarios are very common during the holidays, be sure to verify customer information-names, phone numbers, e-mail addresses, billing addresses, card member identification numbers (CIDs), card numbers, and expiration dates before you ship orders. You can also work with vendors that have address verification services or software that can detect vacant buildings, disconnected telephones, or other suspicious information.

Beware of changing chimneys:

      Shipment rerouting is a new trick used by fraudsters. Using stolen credit card information, a thief will make a purchase and ask to have it shipped to the real cardholder's correct billing address. But once the package has left your warehouse, the fraudster calls the shipping company to have the package rerouted. To prevent this, be sure to mask your shipping account numbers on your labels and work with your shippers to ensure that they follow more stringent procedures before authorizing a change in delivery location. For more help, read our article on shipment rerouting.

Prepare for those unexpected holiday visitors:

      Holiday shopping drives more users to the Web. Check with your IT department or Web site host to see if your hardware, software, and servers can handle the increased traffic and perform effectively.

      Get the latest and greatest gadgets: Always be sure to check with your IT department or Web site host to see if you are using the most recent versions, patches, and upgrades of SSL, firewall software, and any other network or fraud prevention software. Without the latest upgrades, your systems may be laid open to attacks from hackers, viruses, and worms.

      In addition, keep "negative files" (a list of names and card numbers associated with fraudulent sales) and consider investing in fraud prevention software such as rule-based detection technology or neural networks. (Some of these tools are also available from transaction processors for a per-transaction fee.) For more about these types of tools, see our article "Five Tools You Can Use to Prevent Fraud."

Be ready for the Grinch:

      No matter what you do, your site could still be the victim of a hacker. And if it happens during the holiday season, you might have to communicate the news more quickly and to a wider audience than normal. Plan how you'll deal with the situation, from pinpointing a company spokesperson to preparing a fact sheet on what's appropriate for comment. For tips, read our article "PR Preparedness."




CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.


ALERT
ARCHIVES
Final Entries
2012
2011
2010
2009
2008
2007
2006
2005
2004
2003
2002
2001
2000
1999


LINK TO: Bennett Gold Chartered Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Against
Privacy Breaches.

Get WebTrust
Working For
Your Site.