dentity theft makes headlines as one of the biggest contributors to increases in fraud. This criminal activity continues to grow as crooks easily gain access to consumer credit data and personal information. According to the latest figures available from the Federal Trade Commission, identity theft played a role in 42% of all credit card fraud in 2002.

Undetected fraud leads to chargebacks and losses for merchants because unless fraudsters are caught, they run off with the merchandise without paying for it. Receiving an authorization for a transaction does not guarantee that the card is valid, nor does it guarantee the card has enough "open to buy" remaining on its credit line to fund the purchase.

Many merchants process their transactions in person at the point of sale where the credit card is present. Other merchants handle transactions over the telephone, through the mail, or via the Internet where the card is not present.

Transaction processing for these two types of transactions varies greatly; however, both require reasonable steps to ensure the card, cardholder and transaction are legitimate.

Card-not-present merchants are perfect targets for bankcard fraud. Criminals take advantage of the fact that they can operate anonymously. They know that many of the security features that prevent fraud in the physical world do not apply in the card-not-present environment.

Mail order/telephone order (MO/TO) and e-commerce merchants who choose to process transactions in the card-not-present environment must understand that there is a greater need for protection against fraud exposure and associated losses. This is primarily because card-not-present merchants can be held financially responsible for a fraudulent transaction, even if the card issuer has approved the transaction.

Many identity theft rings operate outside the United States, but target U.S. merchants through Internet and phone card-not-present transactions; this makes it difficult for law enforcement agencies to shut them down. Investigative research indicates that many fraudsters order merchandise and request that it be shipped to Indonesia, Nigeria, Ghana or the United Kingdom.

Typically, these fraud rings contact merchants via e-mail or by phone and make card-not-present purchases. Fraudsters provide a credit card number, and in some cases, images of the front and back of the card to further create the illusion of legitimacy.

After the crooks complete an order and receive merchandise, they initiate transactions using other card numbers. After each purchase, all contact information provided by them becomes invalid, making it extremely difficult to locate their base of operations.

Code 10: First Line of Defense

As a concerted effort to put fraud detection practices in place, the banking and retailing industries established a "Code 10" procedure for both face-to-face and card-not-present transactions. Acquirers, including NOVA, offer clients a strong line of defense against foreign shipment fraud through the combination of the industry-standard Code 10 process and a good voice authorization department. Merchants employ Code 10 to alert a voice authorization center operator about a suspicious transaction.

When a MO merchant specifies shipment of merchandise to a foreign country, the merchant contacts the voice authorization department and requests a "Code 10." The call is then routed to the card-issuing bank and the card number is forwarded to the acquirer's Loss Prevention department.

A Loss Prevention representative contacts the card issuing bank's security staff to inquire about fraudulent use of the card. If the card is confirmed to be a fraud, the merchant is contacted to stop shipment.

Taking it to the Streets

MLSs can extend a greater sense of security to their merchants if they process with an acquirer that has the ability to stop potential fraudulent activity before merchandise is shipped. NOVA can query its entire base of more than 650,000 merchants to determine if a card identified as fraudulent has been used at other merchant locations.

If so, a phone call is placed to those merchants alerting them to the criminal activity in an attempt to stop shipment of the product. This proactively prevents chargebacks and losses that would be sustained by other merchants targeted by the same criminals.

Since January 2004, Code 10 has prevented more than $1.25 million in fraud losses for NOVA Network clients. Of the 550 incidents of suspected fraud identified by Code 10 during that span, 535, or 97%, of them have been confirmed as fraudulent. Spotting fraudulent transactions before merchandise is shipped significantly reduces fraud losses incurred by merchants.

"The aim is to spot fraud before the transaction enters the system," said Robert Walker, Vice President of Customer Loyalty for the NOVA Network.

For more information about Fraud Control Basics and Code 10, visit the following areas of Visa USA's Web site:

• www.usa.visa.com/business/merchants/fraud_basics_index.html
• www.usa.visa.com/business/merchants/fraud_basics_code10.html

Michelle Graff is Vice President of Marketing for NOVA Information Systems. E-mail her at michelle.graff@novainfo.com .