E-Commerce

TEB POS E-Commerce
    Share
    • The information given on the order form of the customer who will receive the good or service and the information of the card holder who made the payment must be compared with each other.  If they do not match, more detailed information must be requested from the customer; and the bank must be contacted for the order confirmation before delivery, if necessary.
    • Ask the customer to submit the expiration date of the card; invalid or uncomplete expiration date information may signal that the person may not be the actual holder of that card.
    • Ask the customer to submit CVV2/CVC2 security code with 3 digits in length located on the signature panel on the back of the card. This information is deemed as an additional security to control whether the card is a valid card or not.
    • Whether the customer has any previous purchases from you must be checked.
    • The address information of the new orders given by the customers who have made purchases before and the address information of their previous orders must be compared; if they match, then whether there has been any problem in these deliveries must be controlled.  
    • Both the delivery address and the invoice address must be checked. If these two addresses are different and being so far away from each other (for example: different cities) or if there is a suspicious situation, then more detailed information must be requested from the customer.
    • A database must be kept within the company about the problematic addresses and customers and each incoming order must be compared with this database. The bank must be contacted to get the necessary actions for the orders that are found risky at the end of database controls.
    • To control the deliveries, an information exchange system with the courier and a physical environment control mechanism must be in place. The locations detected as suspicious by the courier must be communicated to the company; and the company must contact with the bank for the order confirmation before the delivery, if necessary. If the receiver attempts to chance the address during the delivery, the courier must definitely inform the company about this request and the company must consider this change suspiciously.
    • Deliveries must definitely be made to the customers whose names are given on orders to receive such goods or services.
    • If the delivery shall be made directly by the company without any courier, the card of the customer, information given on the card, national ID card and order information must be controlled by the naked eye physically at the place of delivery.
    • A continuous communication flow with the courier companies must be in place for the purpose of fraudulent activities; and it must be ensured that the courier companies shall not make the deliveries they consider suspicious and should inform the merchants about these addresses regularly.
    • An ordering customer who has suspicious acts as given below may also necessitate applying tighter control and getting confirmation for the transaction by contacting the bank.
    1. The customer who continuously asks the status of his/her order and insists to speed up the delivery process.
    2. The customer who seems to have difficulties in submitting the confirmation of his/her demographic information, address, etc.
    3. The customer who orders from different product categories with “It makes no difference” approach in the event the given order is out of stock.
    • A tighter control must be applied on high volume orders as well as with large quantities and the bank must be contacted to get confirmation before the delivery, if necessary.
    • A tighter control must be applied on international orders with high volume and large quantities and the bank must be contacted to get confirmation before the delivery, if necessary.
    • Particullary for the international/out of region orders; whether the product or service wished to be ordered is available by the same or lower cost at the place of the delivery must be checked. In case of any risky situation, an explanation for the reason of this order must be requested from the customer.
    • Whether the same address is used for plenty of orders must be checked. In case of any suspicious situation for the high colume orders given to the same address, the bank must be contacted to get confirmation before the delivery.
    • Especially for the orders given outside of the business hours; whether a delivery is requested to the same address within the same time period with different information must be checked. Orders given within the same time period to different addresses with similar card numbers may also be suspicious. In both cases, the bank must be contacted to get confirmation before the delivery.
    • Multiple orders with the same invoice address but with separate delivery addresses may also be suspicious. In such cases the bank must be contacted to get confirmation before the delivery.
    • Information received from the customers during the ordering process should be kept neither in written form nor in a virtual environment. Maintaining both the transaction and the customer data in a virtual environment may lead the customers to incur losses by being exposed to virtual theft and increases the possibility of the company to face with serious penalty risks.
    • Information gathered during the ordering process and the received authorization message must be carefully evaluated; and bank must be contacted to get confirmation for any incorrect expiration date, incorrect CVV2/CVC2 messages and “retian the card” prompts.
    • Multiple orders which are given from the same IP with different cards may bear risks. In such suspicious cases, the bank must be contacted to get confirmation before the delivery.
    • Too many orders which are placed by the virtual POS within a short time may bear risks. For this reason, the attempts made on the payment system must be monitored and for any suspicious situation, the bank must be contacted to get confirmation before the delivery.
    • If the invoice and delivery addresses are different than the given phone numbers, the customer must be contacted by using the communication numbers specified on the invoice.
    • A certain portion of the collections to be made by using the card information submitted for the purchase of good and service should not be refunded to the card holder in cash. In such cases, the bank must be contacted to get confirmation.

    It should not be forgotten that; an authorization received by the merchant to the mail orders, phone orders and e-commerce (Virtual POS) transactions conducted by using a credit card does not necessarily mean that the transactions are actually conducted by the real card holders. The company shall have primary responsibility for the transactions which are not approved by the card holders and of the objections in respect thereof.

    Rate page content