Security Best Practices
Maintaining tight security, including using both
standard and advanced fraud detection and prevention tools, is
crucial to maintaining a successful business. No merchant can afford
to overlook the need for protection against fraud and other types of
abuse. This made
VERIFYBLUE.COM
create this tool and security best
practices that are recommended to merchants for detecting,
preventing, and managing online transaction fraud.
Built-In Fraud Prevention Tools
Several basic fraud prevention tools are integrated
into your standard payment gateway account. It is strongly
recommended that you use these standard tools, in addition to
implementing adequate fraud detection and prevention policies and
practices to protect your account from online transaction fraud.we
check driving licence details, DOB, death certificates and
SSN#
Address Verification System (AVS)
The Address Verification System (AVS) compares the
billing address information provided by the customer online with the
billing address on file at the customer's credit card issuing bank.
The payment gateway reports the AVS response to you, the merchant,
accepts or declines transactions accordingly.
Card Code Verification
The Card Code (CVV2/CVC2/CID) is a three-digit
security code that is printed on credit cards. The value appears in
reverse italic at the top of the signature panel on the back of the
card, or on the front of the card just above the end of the credit
card number. These additional numbers provide an extra measure of
security against unauthorized credit card transactions. The credit
card would need to be present for the purchaser to know the Card
Code number, as it is not stored on any system outside of the credit
card issuer. The payment gateway reports the Card Code response code
to you, the merchant, (there are 4 different response codes) and
after screening the Card Code response codes that you have chosen to
allow through the system, accepts or declines transactions
accordingly.
Password-Required Mode
Password-Required Mode is a required security
feature for all merchants that use the Virtual Terminal and Batch
Upload features of the Merchant Interface and/or Advanced
Integration Method (AIM) or Simple Integration Method (SIM) to
process transactions through the payment gateway. When an account is
designated as Password-Required, no transaction can be processed
without providing the correct password, transaction key or
fingerprint.
Referrer URLs
The Referrer URL is a required security feature for
all merchants that use the WebLink connection method to process
transactions through the payment gateway. A Referrer URL is any Web
page address from which your site processes transactions. In other
words, if your customer links to the payment gateway's secure
payment form from a certain page on your site, you will designate
the URL for that particular page (e.g.,https://www.mywebsite.com/paymentform.html)
as a Referrer URL. This URL must be listed on the "Referrer URLs"
page of the Merchant Interface. The payment gateway will then reject
attempts to process transactions from any other URL. You may specify
multiple Referrer URLs.
|
