Hacker Newsnew | past | comments | ask | show | jobs | submitlogin
Ask HN: Innovations in merchant online online credit card processing?
9 points by xtiansimon on June 15, 2019 | hide | past | favorite | 4 comments
My client is a private small business brick and mortar. Their Point of Sale service/platform has a web widget for online ordering. Customer is redirected to the platform to place an order for pickup or delivery.

Recently we had a chargeback claiming fraud. The merchant processor asked for proof of EMV chip processing. Of course, that is a nonsense question with online purchase—- our claim of fake fraud is lost before it begins.

We reached out to our POS Rep to discuss the situation. Their response was: Hey. Face it. All credit card transactions involve risk. You have to look at chargebacks as an expense.

Apart from the credit companies, what efforts are merchants taking to combat fake fraud claims for their online stores and make successful claims in light of the liability shift?



Ok. So everyone is saying 3DS is the state of the art for online fraud protection. Curiously, I've not encountered this in the wild from my own online purchases.

I'm reading the Wikipedia article [1] about password verification, "A transaction...will initiate a redirection to the website of the card issuing bank to authorize the transaction. Each issuer could use any kind of authentication method...but typically, a password-based method is used, so to effectively buy on the Internet means using a password tied to the card."

I don't recall using a password for any of my on online purchases (Amazon, Walmart.com), and I have not set one up with my CC company (CapitalOne issued Visa) other than a PIN for cash withdrawals. It's possible these sites use another form of verification ("Each issuer could use any kind of authentication method (the protocol does not [specify] this)...") and the process was so seamless I didn't notice. [cough] Or, maybe these example companies are so big they actually assume the liability.

My original naive concept of innovations were additional operational protocols (maybe customers sign receipts at the time of delivery/pickup). Or, maybe design features in your e-store (prevent fraud-claim-happy users from using the same card more than once, assuming the customer would cancel their card after fraud, so you wouldn't permit it to be used again after a fraud claim). Even as I suggest these ideas, I'm reading other articles [2] explicitly describing 3DS is actually responding to the liability shift law--which is ultimate concern. And of course, if these features I'm imagining do not explicitly respond to liability shift, these ideas would most likely just confuse the issue.

Any suggestions of online stores implementing 3D or any e-store features designed to discorage making false fraud claims?

[1]: https://en.wikipedia.org/wiki/3-D_Secure [2]: https://blog.gpayments.com/article/liability-shift-3d-secure...


I have only encountered this at EU based vendors. I have never encountered this at a US merchant.


Online transactions have an equivalent of the EMV liability shift called 3D Secure which any decent merchant acquirer should offer as an option.

In addition, if your online merchant acquirer starts asking about EMV details I’d be concerned about whether they know what they’re talking about.


You can use address verification and/or 3DS to reduce fraud chargebacks for online transactions. If you use 3DS then the bank will assume liability for fraud.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: