Does netbilling.com offer visa secure code? - GoFuckYourself.com

EukerVoorn · 10-13-2011, 03:30 AM

Am looking at netbilling.com for one of our sites. Am wondering if they offer visa secure code in other words do subscribers have to go to their own bank's site for entering the Visa or MasterCard secure code sent to them by phone or e-mail? And if so, is it possible to accept secure code approved transactions only, to prevent fraud. Also, something I really would like to know, if someone does a purchase using his credit card and he goes through the secure code routine, can he still go to his bank after the purchase and claim that he doesn't recognize the credit card charge and demand a chargeback? At banks here in Netherlands that is not possible as far as I know; once you've entered the code on your bank's site the transaction is definitive. How does that work in the rest of the world?

ntesic · 10-13-2011, 04:54 AM

As far I know, NetBilling don't offer that.

Barry-xlovecam · 10-13-2011, 05:54 AM

1.) For my personal bank cards (VISA USA Issuers) the Verified by VISA and MasterCard Secure Code is a opt-in function of the member banks of the respective credit card associations. No emails are ever sent and the signup process and the future pre-authorization are made at the customer's issuing bank's server.

2.) We don't use netbilling so I can't comment of their capabilities ...

EukerVoorn · 10-13-2011, 07:51 AM

Barry are you saying that if you buy something online or sign-up with a porn site (which you do daily of course) you get directed to the site of your own bank and you enter a fixed code/password? That is how it started with my bank but later they dropped the fixed code and now send a code to your mobile phone and if you don't receive that, they send another code to your e-mail address.

I must say there are still sites that don't require you to enter the secure code, for example amazon.com or the French railroad service, or Easyjet.co.uk but a growing of other sites do and I think it's a good way to prevent fraud (that's what it's intended for too) and I don't understand why there are still adult biz card processors who don't work with secure code while they at the same time are suffering from chargeback paranoia. Implement secure code and chargebacks will drop to 0.1% or lower.

The Ghost · 10-13-2011, 08:49 AM

In my experience the vast majority of fraud isn't from customers. It's from scamming affiliates.

Zombaio_Tomas · 10-13-2011, 09:51 AM

Quote:

Originally Posted by The Ghost

In my experience the vast majority of fraud isn't from customers. It's from scamming affiliates.

Correct!

Quote:

Originally Posted by EukerVoorn

Also, something I really would like to know, if someone does a purchase using his credit card and he goes through the secure code routine, can he still go to his bank after the purchase and claim that he doesn't recognize the credit card charge and demand a chargeback? At banks here in Netherlands that is not possible as far as I know; once you've entered the code on your bank's site the transaction is definitive. How does that work in the rest of the world?

Chargeback (3D Secure) Liability Shift who qualifies and how?

A few points need to be made regarding chargeback liability shift. Not ALL chargeback reason codes qualify for immediate representment only certain Reason Codes qualify and these vary from Region to Region. The primary codes including MasterCard RC 4837 and 4863 ("Cardholder Not Authorized" and "Cardholder Not Recognized") and VISA's RC 23 and 83 constitute more than 70% of all ecommerce related disputed transactions so the liability shift at minimum protects the largest percentage chargeback risk codes.

There some exceptions to this however, including commercial cards, anonymous prepaid cards, and new channels. Transactions that fall into these categories are not eligible for liability shift with VISA.

Where chargeback liability shift is important is with 'inter-regional' transactions where the merchant resides in one jurisdiction and the cardholder in another. Since most Internet based transactions are global, this is a very important consideration.

This applies also to The Netherlands

EukerVoorn · 10-13-2011, 09:59 AM

Quote:

Originally Posted by The Ghost

In my experience the vast majority of fraud isn't from customers. It's from scamming affiliates.

That would only make sense if they got hold of data of multiple credit cards... now getting that date (number, cvc and exp date) is not so hard but how do they get hold of the secure code which is required to get through the procedure at a site like Zombaio that works with secure code (and why I loved them so much)?

EukerVoorn · 10-13-2011, 10:01 AM

Thanks for explaining Tomas but it's really too technically for me. Can you translate to normal English (or Dutch) whether if card holder enters secure code, he can still go to his bank and claim he doesn't recognize the charge and get a refund? Also I was about to mail you today but want to check something first and will probably mail you tomorrow.

EukerVoorn · 10-13-2011, 10:02 AM

Also Tomas another question: does Zombaio require secure code to be entered on all transactions or are does it depend on the setup of the particular bank or card?

Barry-xlovecam · 10-13-2011, 10:43 AM

Quote:

Originally Posted by EukerVoorn

Barry are you saying that if you buy something online or sign-up with a porn site (which you do daily of course) you get directed to the site of your own bank and you enter a fixed code/password? That is how it started with my bank but later they dropped the fixed code and now send a code to your mobile phone and if you don't receive that, they send another code to your e-mail address.

I don't use the two cards that are set up for the code often online -- the last few times I did (testing our own billing servers) I was redirected for both VISA an Master card. Basically, it is like a password and you have to remember it somehow. Yes, the use of 3D Secure does decrease card fraud but at the expense of purchase difficulty consequently resulting in some sales loss (dropped carts) -- it is a balancing act to say the least.

I most often use my corporate cards that are VISA branded debit cards tied to low balance accounts for both ACH and POS/Internet transactions at a USA bank-- they are interest and fee free ...

What you describe sounds more like a mobile phone purchase to me where a one time "access code" is sent to that mobile device its use completing the payment transaction. This sounds too complicated to me for a simple Internet credit card transaction. (Magic handshake bullshit).

In the USA (or maybe just me) we don't use mobile devices like they do in Europe especially as POS/Payment instruments. However this is changing;

Google adds Visa, Amex, Discover cards to Wallet
http://www.google.com/hostednews/ap/...48212f4d5e89c6

Payment methods and their relation to mobile devices are rapidly evolving.

Zombaio_Tomas · 10-13-2011, 10:51 AM

Quote:

Originally Posted by EukerVoorn

Thanks for explaining Tomas but it's really too technically for me. Can you translate to normal English (or Dutch) whether if card holder enters secure code, he can still go to his bank and claim he doesn't recognize the charge and get a refund? Also I was about to mail you today but want to check something first and will probably mail you tomorrow.

In your example, it depends on the card type. But for the reason; No!

If he states that he does not recognize the transaction, and the card don't fall into this types: commercial cards, anonymous prepaid cards, new channels then he cannot dispute the charge. (he can, but the issuing bank will bear the cost)

However, if he say that: I have signed up, but the quality was so poor and the download speed to the servers made it impossible for me to watch the promised movies, the following will happen:

A dispute will be filed and sent to the Merchant/Processor - the merchant will send proof and the card scheme dispute team will judge the transaction. But the liability shift will not protect you here.

Quote:

Originally Posted by EukerVoorn

Also Tomas another question: does Zombaio require secure code to be entered on all transactions or are does it depend on the setup of the particular bank or card?

We will first do a check to Visa or MasterCard directory servers to see if the card is enrolled, if it is enrolled, we will force the code. If the card or issuer does not participate, we will not ask for the code.

EukerVoorn · 10-13-2011, 10:57 AM

Ok I get to understand it now, so you have credit cards in the USA that require secure code for online purchase and you have cards that don't require it, right? So secure code is not as big as I hoped it would be. Imagine that online transactions without secure code wouldn't be possible anymore, the public would accept they have to go through the secure code when purchase a subscription or something else online so there wouldn't be any loss of sales. Also I think it's better to lose 10% sales and decrease your chargeback ratio to 0.5% of lower, than not lose sales and get over the 1% chargeback and lose your processing account. Also a lot of content theft is directly related to credit card fraud, almost every day we deal with Russians who do the purchase through an USA proxy server to get around the fraud preventer, using stolen credit card details. If the secure code was required they wouldn't get through because they don't have this secure code.

Also the way my bank does doesn't have anything to do with mobile phone purchases, it's specifically meant for general online purchases and I think it's 100% fraude proof. They just wanted to get rid of the fixed password that you chose yourself because they probably had too many card holders claiming that someone stole their card details and their password. Now they say to the card holder: so we sent the code to your mobile phone and it was submitted in the form on our website, are you saying that the person who stole your credit card, also stole your mobile phone?

The only time they will still investigate is when it's about larger amounts, let's say $250 or higher, but not in case of a $29.95 charge. I think the banks are getting tired of having to deal with false fraud claims about such small amounts as well.

Zombaio_Tomas · 10-13-2011, 11:07 AM

Quote:

Originally Posted by EukerVoorn

Ok I get to understand it now, so you have credit cards in the USA that require secure code for online purchase and you have cards that don't require it, right? So secure code is not as big as I hoped it would be. Imagine that online transactions without secure code wouldn't be possible anymore, the public would accept they have to go through the secure code when purchase a subscription or something else online so there wouldn't be any loss of sales. Also I think it's better to lose 10% sales and decrease your chargeback ratio to 0.5% of lower, than not lose sales and get over the 1% chargeback and lose your processing account. Also a lot of content theft is directly related to credit card fraud, almost every day we deal with Russians who do the purchase through an USA proxy server to get around the fraud preventer, using stolen credit card details. If the secure code was required they wouldn't get through because they don't have this secure code.

Also the way my bank does doesn't have anything to do with mobile phone purchases, it's specifically meant for general online purchases and I think it's 100% fraude proof. They just wanted to get rid of the fixed password that you chose yourself because they probably had too many card holders claiming that someone stole their card details and their password. Now they say to the card holder: so we sent the code to your mobile phone and it was submitted in the form on our website, are you saying that the person who stole your credit card, also stole your mobile phone?

The only time they will still investigate is when it's about larger amounts, let's say $250 or higher, but not in case of a $29.95 charge. I think the banks are getting tired of having to deal with false fraud claims about such small amounts as well.

Well, no!

If you as merchant offer to accept secure code or verified by visa, and the issuer is not enrolled or the card is not enrolled and does not fall under the above exceptions. You have full liability shift!

So if I use my non-enrolled US Debit Visa and do a Zombaio purchase; the card issuer will not be able to do a chargeback (see above). So as I said, you have a 70% protection, and will not loose any sales. The customers that abort the 3d secure prompt that appears if the card is enrolled will most definitely not be a customer you want anyway.

Zombaio_Tomas · 10-13-2011, 11:11 AM

No system will be 100% fraud proof since a transaction is reflecting an underlying product that you always will be able to dispute. That is why a good anti fraud system on top of the 3D Secure system is important.

EukerVoorn · 10-14-2011, 05:00 AM

Ok thanks for explaining everything Tomas.

10-13-2011, 03:30 AM	#1
EukerVoorn So Fucking Banned Industry Role: Join Date: Aug 2011 Location: Les Alpes, France Posts: 1,423	Does netbilling.com offer visa secure code? Am looking at netbilling.com for one of our sites. Am wondering if they offer visa secure code in other words do subscribers have to go to their own bank's site for entering the Visa or MasterCard secure code sent to them by phone or e-mail? And if so, is it possible to accept secure code approved transactions only, to prevent fraud. Also, something I really would like to know, if someone does a purchase using his credit card and he goes through the secure code routine, can he still go to his bank after the purchase and claim that he doesn't recognize the credit card charge and demand a chargeback? At banks here in Netherlands that is not possible as far as I know; once you've entered the code on your bank's site the transaction is definitive. How does that work in the rest of the world?

10-13-2011, 04:54 AM	#2
ntesic Confirmed User Join Date: Oct 2006 Posts: 194	As far I know, NetBilling don't offer that. __________________ ICQ:349-749-280 Skype: nikolatesic

10-13-2011, 05:54 AM	#3
Barry-xlovecam It's 42 Industry Role: Join Date: Jun 2010 Location: Global Posts: 18,083	1.) For my personal bank cards (VISA USA Issuers) the Verified by VISA and MasterCard Secure Code is a opt-in function of the member banks of the respective credit card associations. No emails are ever sent and the signup process and the future pre-authorization are made at the customer's issuing bank's server. 2.) We don't use netbilling so I can't comment of their capabilities ...

10-13-2011, 08:49 AM	#5
The Ghost IslandDollars.com Join Date: Oct 2004 Location: Icq: 176176 Posts: 12,188	In my experience the vast majority of fraud isn't from customers. It's from scamming affiliates. __________________ ISLAND DOLLARS 1000's of Exclusive TS scenes / Constant Updates Best TS Network your surfers will ever join

10-13-2011, 11:11 AM	#14
Zombaio_Tomas Confirmed User Join Date: Nov 2008 Location: Zombaio.com Posts: 382	No system will be 100% fraud proof since a transaction is reflecting an underlying product that you always will be able to dispute. That is why a good anti fraud system on top of the 3D Secure system is important. __________________

10-13-2011, 07:51 AM	#4
EukerVoorn So Fucking Banned Industry Role: Join Date: Aug 2011 Location: Les Alpes, France Posts: 1,423	Barry are you saying that if you buy something online or sign-up with a porn site (which you do daily of course) you get directed to the site of your own bank and you enter a fixed code/password? That is how it started with my bank but later they dropped the fixed code and now send a code to your mobile phone and if you don't receive that, they send another code to your e-mail address. I must say there are still sites that don't require you to enter the secure code, for example amazon.com or the French railroad service, or Easyjet.co.uk but a growing of other sites do and I think it's a good way to prevent fraud (that's what it's intended for too) and I don't understand why there are still adult biz card processors who don't work with secure code while they at the same time are suffering from chargeback paranoia. Implement secure code and chargebacks will drop to 0.1% or lower.

10-13-2011, 10:01 AM	#8
EukerVoorn So Fucking Banned Industry Role: Join Date: Aug 2011 Location: Les Alpes, France Posts: 1,423	Thanks for explaining Tomas but it's really too technically for me. Can you translate to normal English (or Dutch) whether if card holder enters secure code, he can still go to his bank and claim he doesn't recognize the charge and get a refund? Also I was about to mail you today but want to check something first and will probably mail you tomorrow.

10-13-2011, 10:02 AM	#9
EukerVoorn So Fucking Banned Industry Role: Join Date: Aug 2011 Location: Les Alpes, France Posts: 1,423	Also Tomas another question: does Zombaio require secure code to be entered on all transactions or are does it depend on the setup of the particular bank or card?

10-13-2011, 10:57 AM	#12
EukerVoorn So Fucking Banned Industry Role: Join Date: Aug 2011 Location: Les Alpes, France Posts: 1,423	Ok I get to understand it now, so you have credit cards in the USA that require secure code for online purchase and you have cards that don't require it, right? So secure code is not as big as I hoped it would be. Imagine that online transactions without secure code wouldn't be possible anymore, the public would accept they have to go through the secure code when purchase a subscription or something else online so there wouldn't be any loss of sales. Also I think it's better to lose 10% sales and decrease your chargeback ratio to 0.5% of lower, than not lose sales and get over the 1% chargeback and lose your processing account. Also a lot of content theft is directly related to credit card fraud, almost every day we deal with Russians who do the purchase through an USA proxy server to get around the fraud preventer, using stolen credit card details. If the secure code was required they wouldn't get through because they don't have this secure code. Also the way my bank does doesn't have anything to do with mobile phone purchases, it's specifically meant for general online purchases and I think it's 100% fraude proof. They just wanted to get rid of the fixed password that you chose yourself because they probably had too many card holders claiming that someone stole their card details and their password. Now they say to the card holder: so we sent the code to your mobile phone and it was submitted in the form on our website, are you saying that the person who stole your credit card, also stole your mobile phone? The only time they will still investigate is when it's about larger amounts, let's say $250 or higher, but not in case of a $29.95 charge. I think the banks are getting tired of having to deal with false fraud claims about such small amounts as well.

10-14-2011, 05:00 AM	#15
EukerVoorn So Fucking Banned Industry Role: Join Date: Aug 2011 Location: Les Alpes, France Posts: 1,423	Ok thanks for explaining everything Tomas.