Secure E-Payments Journal

Top of the News
Fraud update: Identity theft, hunting and phishing
An interview with CyberSource fraud expert Vic Dolcourt

Q: The press is full of stories about phishing and its impact on the consumer. What can you tell us about the impact of phishing on the eCommerce merchant?

A: Anything that causes consumers to question the overall safety of online shopping affects eCommerce merchants. Consumers read about the problem, they see examples of phishing sites online, and they begin to get edgy about the whole practice. It's hard to measure. And of course, any identity theft that results in illegal purchases can result in a chargeback to the merchant and that's plenty measurable and felt deeply by every merchant.

Q: Can phishing be prevented?

A: Phishing attempts probably can't be prevented. But we can certainly limit the success of those attempts.

Q: How?

>>Read More

The Transaction Insider:
By Doug Schwegman, Market Research Director

CyberSource merchant performance and preliminary estimates from other research companies indicate that the 2004 holiday sales season exhibited strong growth, beating early season forecasts. In early November forecasters published estimates ranging from 19% to 26% year on year growth. In our last article we observed that growth patterns in 2004 indicated a 4th quarter online sales growth approaching the level of 2003 and above published forecasts. The research company comScore Networks^® recently announced holiday sales grew by 29% in 2004 approaching the 31% growth level reported by comScore for 2003 and beating pre-season forecasts.

2004 Online Sales Review. >>Full details available

Market Updates
MasterCard^® & Diners Club^® Announces Alliance

MasterCard and Diners Club announced an alliance that will allow North American merchants to process Diners Club transactions as MasterCard transactions. Diners Club cards issued in the United States and Canada will be redesigned (and reissued) to include the MasterCard account number and carry both the Diners Club and MasterCard brand marks. These cards will be processed like a MasterCard transaction, but continue to provide Diners Club benefits to the cardholder.
>>Read More

Microsoft^®, eBay^®, Visa Share Phony Phish Site Info
From InformationWeek, February 15, 2005

Microsoft, eBay, and Visa joined forces Monday to launch a program to share information about phishing attacks.
>>Read More

MasterCard^® Rule Changes
MasterCard announced changes that will affect card-not-present, Internet processing rates as of October 2005. The actual rate charged will be dependent upon whether the MasterCard^® SecureCode™ authentication service has been used to process the transaction:

Interchange rates will be increased above the current level if MasterCard SecureCode services are not used.

Conversely, use of MasterCard SecureCode will drive interchange rates down, with the specific rate being dependent upon whether the transaction was:

	Fully authenticated by the issuing bank, or
	Only checked for enrollment and the cardholder was found to be "not enrolled" (obviously, merchants have no direct control over whether a cardholder is enrolled).

Merchants are advised to consult their acquiring bank or merchant account provider to determine how these new MasterCard rates can benefit them. CyberSource believes that these MasterCard rule changes, along with the liability shift offered by Visa's Verified by Visa program, justify merchants re-examining the trade-offs associated with implementation of Verified by Visa and MasterCard SecureCode authentication services.

2005 Online Fraud Report: 6th Annual
Benchmark Your Practices
How do you define “fraud problem”? While nearly 2/3rds of merchants surveyed have their fraud rate controlled to less than 1% of orders, they are losing more dollars to fraud and incurring increased costs to control the problem. Get our complimentary 2005 Online Fraud Report and discover new ways to look at your fraud process and the metrics you monitor. The full report includes detailed statistics on fraud rates, budgets, process metrics and more.

Product Spotlight
CyberSource Solutions

More Merchants Using Global Services
More and more of our merchants are growing revenues by accepting payment methods unique to local markets around the globe. In fact, on December 20, 2004 we processed payments in 182 countries for our merchants. Merchants cite same-country revenue increases of up to 20% or more due to local payment type acceptance. If you're not accepting global orders or payment in local formats because you fear complexity or fraud risk, CyberSource can provide solutions that simplify both processing and banking hassles.
>>Read More

Advanced Velocity for Advanced Fraud Screen and Decision Manager
CyberSource has enhanced the velocity feature to increase control and fraud detection while at the same time reducing false positives (identifying an order as suspicious when it is actually a good order). Advanced Velocity allows you to select the detection interval.
The interface controlling the selections can be found under the Tools section of the CyberSource Enterprise Business Center. Advanced Fraud Screen merchants can select "Advanced Fraud Screen" and Decision Manager merchants can select "Purchase Frequency."
>>Read More

Chargeback auto-marking : automation of "Mark As Suspect"
Advanced Fraud Screen and Decision Manager merchants can immediately take advantage of a new CyberSource service at no additional charge - chargeback auto-marking. Here is how the service works:

	Arrange with your processor to electronically forward duplicates of the chargeback notices you receive to CyberSource. This in no way impacts the information you already receive.
	CyberSource receives a daily chargeback file and separates the items with fraud chargeback codes from other chargeback codes.
	CyberSource identifies the Score transaction associated with the chargeback and uses it to extract the information for the Negative List.
	CyberSource updates your negative list
	If the card account number, email address or ship-to address are used in the future, CyberSource will inform you in the reply, and you will be able to process the order under your normal exception processing business rules.
	Merchants that use Decision Manager's Case Management System for manual reviews will be able to access detailed information that identifies the reviewer that approved the order or the business rule that accepted the order.

See you next issue! Your valuable feedback is important to us. Click here to send us your questions, comments and article ideas.

	Top of the News: Fraud Update
	Transaction Insider: 2004 Online Sales Review
	Market Updates
	Product Spotlight
	Coming Events

> Subscribe
> Feedback
> Privacy Statement
> Unsubscribe

Hear us at:

Platinum Session of
Merchant Risk Council
March 8, 2005
Las Vegas, NV

Higher Education Users Group
March 28-31, 2005
Las Vegas, NV

Visit us at:
Merchant Risk Council
March 9-11, 2005
Las Vegas, NV

Higher Education Users Group
March 21-24, 2005
Las Vegas, NV

Internet Retailer™
Conference & Exhibition
June 7-8, 2005
Chicago, IL

Direct Response Forum
2005 Conference
August 8-9, 2005
Chicago, IL

PeopleSoft^® Connect
September 18-22, 2005
Las Vegas, NV

What is phishing?

Phishing is an illegal practice that was first seen a few years ago and has since become an everyday online phenomenon. The goal of phishing is to obtain, under false pretenses, information about people. That information is then used to set up lines of credit under those people's names. Victims are prompted to supply their personal information when they get an email that appears to come from a bank or credit union seeking “confirmation” of address, social security numbers, etc. Once credit is established with that bogus identity, goods are purchased and shipped to the fraudster.


Issue 10, March 2005