Card Fraud Crippling Online Merchants
By Stephen Caswell
March 20, 2000
- Copyright ©
While credit card companies
have consistently maintained that credit card fraud
is no more prevalent online than in traditional forms
of commerce, a number of experts are disputing the
According to Alvin Cameron, Credit/Loss Prevention
Manager for online fulfillment house Digital River
(Nasdaq: DRIV), an estimated 20 to 40 percent of online
purchases are fraud attempts. Accordingly, Cameron
says, e-tailers are now facing a do-or-die proposition.
"Merchants who cannot control the flood of fraudulent
purchase attempts will soon be out of business,"
Merchants Shoulder the
Contrary to popular belief, Cameron says, it is the
merchant -- not the consumer -- that has the most
to lose from credit card fraud. While federal laws
limit consumer liability to $50 (US$), credit card
companies force e-tailers to eat the entire loss.
When a consumer indicates an instance of fraud, the
disputed amount is removed from the merchant's account
and credited back to the customer. This "chargeback"
comes with a standard fee of $15 per instance.
In an effort to minimize its exposure, MasterCard
will now fine merchants if chargebacks are one percent
or higher of total sales transactions, or 2.5 percent
or higher of total sales volume for more than two
One merchant told the E-Commerce Times that these
rules could well force smaller e-tailers off the Web.
However, many observers believe that MasterCard is
merely trying to punish large merchants that the company
sees as having lax credit card authorization policies.
According to Cameron, online merchants have been forced
to develop sophisticated security protections that
go far beyond the normal security approval process
by the credit card companies. At present, credit card
companies only verify if a credit card number is correct
and then match the number against the customer's billing
"Doing business on the Internet is the equivalent
of having someone walk into your store wearing a ski
mask without any ID and offering a bank counter check
to purchase a $2,000 stereo system," said Cameron.
"While no brick-and-mortar store would make such
sale, Internet merchants have to do it all the time."
When Will it Bottom Out?
Cybercrime in all forms shows no signs of letting
up any time soon. Late last week, for example, MSNBC
reported that Visa quietly informed select merchants
that 485,000 credit card numbers were stolen from
a major e-tailer in January 1999. According to the
report, the company covered up the issue.
MSNBC also reported that the file was stored on a
prominent government computer and that the perpetrator
was thought to have been traced to an Eastern European
By all accounts, e-tailers now find themselves in
an ironic position. If consumer fears about online
security dampen enthusiasm for e-commerce, merchants
will find themselves being squeezed on both ends.
Is There a Solution?
While there do not appear to be any simple solutions,
Cameron believes that potential cyber-criminals should
now think twice before committing credit card fraud.
This type of activity has long been considered too
small to bother with, but Cameron points out that
using credit cards fraudulently is quickly becoming
"identity theft" -- which was recently defined
as a serious federal felony.
He added that he is now working with more than 100
different federal and state police agencies to prosecute
cyber-criminals. "No matter what they think,"
he said, "they leave digital fingerprints and
can get caught."
Likewise, FBI special agent Charles Neal suggested
in a recent E-Commerce Times interview that cyber-criminals
should bear in mind that society is demanding that
these criminals be punished.
are planning to add more resources to do that,"