This post is from our archives, and not all content is still relevant. For a fresh look at our company & tech, we recommend these sections:
Our Managed WordPress Hosting Service
Articles on WordPress for Business
Industry-specific Hosting Solutions
So here’s the scenario.
- Customer attempts to signup for our service.
- The CC transaction triggers a fraud warning, and transaction is denied.
- Customer contacts us, states the legitimate nature of their ‘self’.
- We respond that we follow the fraud warning and their is not much we can do.
- They ask for a free account anyways
- We decline, and apologize.
- They rant.
Our system at page.ly is 100% automated, and when working correctly everyone is happy. We make choices on how to run our business, as I am sure people out their make choices on how to run theirs. We recently lowered our fraud score threshold as we saw an uptick on bogus credit card attempts. If you wait long enough you’ll see all sorts of bad folks game your payment form trying out stolen credit card numbers. Some perfectly well meaning patrons may be caught up in the drag net. It happens, and it sucks, but we make the choice to play it conservative on credit card transactions.
We never see a users credit card, it is passed directly to the processor over a secure connection when supplied, tokenized and that’s it. The best we can ever get is the last 4 of the CC number, that even then we have to make an API request for. Even further, we do not have the means in our internal system to take/run a credit card manually, it does not fit with our automation model. If a transaction fails the multiple fraud screens, then 99.999% of the time we did our job limiting credit card fraud with a .001% of denying a valid customer.
So what’s the alternative? Most company’s just take the money and let the bank and poor chap who’s card got yanked sort it out, and maybe, but not likely the company see’s a chargeback. That old “as long as I got mine” attitude that has made the world economy so awesome of late /sarcasm.
Well here at page.ly we operate with a “greater good” philosophy. Allow me to explain, Lot’s of companies out there play it loose with customer trust and credit cards, what do they care? As long as they get paid right. The issuing bank eats the fraudulent charge and passes it back on to the consumers at large as a cost of doing business. Everyone pays higher fees and interest because of this. If we loose 1 of every 500 customers because we actively try to prevent fraud, so be it. The greater good prevented 499 others the aggravation of contesting a charge with their bank, and perhaps worse yet cleaning up after identity theft.
So dude can rant, and call us silly. I am confident he is a real person, with a real card, and our filters may have been overly aggressive. And hey maybe we could have pulled up our external merchant account that does not have the same fraud prevention measures, ran the card manually and reversed into the signup process. But then again, maybe we can just keep doing what works for us and our thousands of other customers seem to appreciate.