tony spencer

Yesterday I returned from a week in London to discover that one of my ecommerce sites was a victim of fraud. I have many measures in place to prevent fraud including strict requirements for exact credit card information as well as a custom built fraud identification system. Unfortunately it can’t always catch every con artist and this crook managed to rob me of $2,400 of product with stolen credit cards. The cards hadn’t been reported stolen yet so the transaction went through.

Why Merchant Accounts and Payment Gateways Don’t Care About Fraud

This type of fraud could be drastically reduced but the merchant accounts and payment gateways like Authorize.net don’t want that to happen. Why? Because they make a great deal of money from chargeback fees and interest on security money they hold. If a merchant like myself has too many chargebacks the payment processors often withhold up to tens of thousands of dollars as security money for their “protection” which is tantamount to holding the merchant up at gun point even if the merchant has a perfect record of refunding every single fraudulent transaction.

How Credit Card Fraud Could be Greatly Reduced on the Internet

Currently there is no incentive for a merchant to report credit cards as stolen when they detect fraud. For instance, in my recent fraud I had to refund 8 credit cards. I fully expect to receive chargebacks on some of these as the owner of the cards rarely notice that the full amount was refunded at a later date. Unfortunately I will still be hit with chargeback fees from the payment processor but at least I’ll win the chargeback dispute.

The Solution

Payment gateways and/or merchant accounts offer NO method for flagging a credit card as stolen.

1. There should be a simple web based form that allows me to flag a particular transaction as stolen and allow me to supply supporting evidence to the card being stolen.

2. To incentivize the merchant to report the card as stolen the payment gateway or merchant account should cancel chargeback fees on that transaction.

3. Ad further incentive to the merchant by developing a scoring system that rates merchants who report fraudulent transations quickly with a higher trusted score much like the auto insurance companys reward good drivers.

Its up to Visa, Mastercard, Discover, and American Express to put pressure on payment gateways and credit card processors to get their act together and to stop placing all burden on the merchant and to stop raping the merchant with fees.

Brett Tabke has threatened legal action against the non-profit LondonSEO group for allegded trademark violation for use of the phrase ‘PubCon’ on the site.

Shortly before sending the threatening email he posted comments on the site under the alias ‘BoboTheCat’:

# BoboTheCat:

btw – pubcon is trademark owned by webmasterworld inc I believe.

A quick Google of ‘BoboTheCat’ turned up this WMW profile which indeed seems to be Tabke: “… been at it since `94 ( BBS’s since ‘85 )”.

The funny bit is that BoboTheCat posts in his own forum under that alias posing as a newbie thinking of going to his first pubcon in Boston.

Hahhahahaha!

I was setting up Drupal 4.6.5 on a new employee’s machine today which also required a fresh install of Apache, PHP and mySql. Unfortunately Drupal has done a lousy job of testing their new releases on the latest stable versions of the apps it depends on. Here are the two issues I ran into and their solutions:

1. Attempting to import the database script (database/database.mysql) results in an error:

REPLACE blocks SET module = ‘user’, delta = ‘0′, status = ‘1′

Line no.:803
Error Code: 1364 – Field ‘pages’ doesn’t have a default value

BLEH!

Come on guys. Test before you release! The issue is something to do with mySql 5.0 so you need to instruct mysql to behave as 4.0. Go to your mysql.ini file and edit this line:

SET GLOBAL sql_mode=’MYSQL40′

2. You finish installing Drupal and load up localhost in the browser and are disappointed to see junk like this in your page:

{head} {styles} {_BLOCK_.header.logo} {_BLOCK_.header.site_name} {secondary_links}
{primary_links}
{_BLOCK_.header.blocks}

The old XTemplate themes are not compatible with the latest version of PHP5. BLEH!

Solution: Install phptemplate engine and choose a phptemplate theme to get rid of the junk.

I was in K-Mart today getting some keys copied and saw the new Google ceiling fans that just hit the market!

I’m just thinking out loud here but everytime I run into a mention of John Scott’s Internet Marketing blog (www.internet-marketing-blog.com) I can’t help but think the URL looks really spammy. It always reminds me of one of my first sites: 1-a1-best-price-viagra-store.com

Come on John. 301 that sucker to something with class!