Online and Catalogs

Each year, airlines, Internet and catalog merchants, and telemarketers conduct $200 billion in business through “card-not-present” transactions with customers they never see. The Internet, in particular, offers new opportunities for retailers to sell goods and services. But electronic commerce also brings new kinds of payment card fraud. MasterCard card verification and security programs enable cardholders to feel more confident about conducting online, mail order, and telephone transactions.

Fraud is a particular concern for mail order, telephone order, and Internet businesses, since transactions are card-not-present. Businesses can minimize the occurrence of fraudulent transactions through a number of safeguards.

• Prior to shipping merchandise, call the phone number the customer provided and verify the transaction information. Often, fraudsters are unable to verify the information they originally provided, since they order at random and do not keep a record of what they requested.
• Be sensitive to priority shipments for fraud-prone merchandise, which may indicate a fraudulent transaction.
• Be wary of orders from past customers that differ from their usual purchasing patterns.

To address the unique concerns of direct marketers, MasterCard recommends using the Address Verification Service (AVS) and Card Validation Code 2 (CVC 2). These highly effective cardholder verification programs can make transactions safer and more profitable.

• Address Verification Service (AVS). The Address Verification Service (AVS) helps reduce the risk of fraudulent use of account numbers in card-not-present transactions. When a customer provides an address with an order, AVS automatically compares it to the billing address on file with the card issuer. This risk reduction measure is especially helpful to merchants conducting business on the Internet. If the billing address and the card address on file do not match, you will receive a response code indicating this during transaction processing. You can then choose to either deny or proceed with the transaction.
• Card Validation Code 2 (CVC 2). The Card Validation Code 2 (CVC 2) is a three-digit code indent printed on the signature panel of MasterCard cards. This added security measure enables a retailer to verify that the buyer has the actual card in hand during a card-not-present transaction. MasterCard strongly recommends that businesses ask each consumer for the Card Validation Code when conducting a transaction on the Internet or by phone. Like mag-stripe data, merchants should never store CVC 2 codes.
  
  For more information about AVS and CVC 2, please contact your bank or Payment Services Provider.

MasterCard SecureCode makes online shopping more secure for retailers and their customers by providing cardholders with a unique personal code for their transactions. In addition to helping prevent chargebacks and fraud, MasterCard SecureCode can give customers greater peace of mind and allow electronic retailers to ship orders with confidence. It’s a simple, cost-effective way to encourage e-commerce while reducing risk.
Learn More About MasterCard SecureCode

You can help protect your business and your customers against hackers and other security challenges by participating in the MasterCard Site Data Protection Program. This program provides the requirements, guidelines, and tools that improve your security posture by identifying vulnerabilities in security processes, procedures, and Web site configurations. You can enroll in this service online.
Learn More About Site Data Protection