Why We “Bother” Customers About Certain Transactions and Accounts

There is a Lot of Fraud Going On Right Now With Improperly Secured Smart Phones

Be Careful Online. We Are With Your Data.

We always contact customers when they make a transaction with our store, usually to let them know we are processing their order and that we’ll provide the estimated arrival date and tracking information as soon as it is available. There are times we contact customers before we send out merchandise, even if the credit card company has approved the transaction.

Today, we had an email from a man who said that an account at our store  in store (SolarFlairLighting.com) was created in his name, but that he didn’t do it.

We did the responsible thing: we looked up the account. Someone had opened an account and tried to make a purchase, but the CVC code did not match and the transaction was cancelled. He gave us a lot of grief, and we want to clear-up exactly why what we do and why.

We often contact customers when:

  • They tell us they didn’t create an account but an email that an account from our store was created
  • If a credit card transaction raises red flags (and no, we won’t post those) that indicate the purchase(s) may have been made by someone other than the rightful holder of the credit card
  • When the billing and shipping addresses differ

Why? Not to Annoy Customers but to Protect Them

One of the most common times we contact customers is when the credit card billing and shipping address are different for purchase over a certain dollar amount. Before we call, we may double-check to make sure that the phone number matches up to that on the credit card. Usually, but not always, the purchase was made as a gift.

Other times, the card holder is completely unaware that someone used their credit card. We’ve never had a loss due to fraud because of actions like this, and not one single person has had a phony charge from our store. Usually, customers are glad we took the time to check with them, especially when they didn’t authorize the transaction.

Find out more about how to protect your card data with this post from a while back.

Sometimes Customers Don’t Appreciate It

We wish we could say that customers always are happy when we double check. If they are not, we hope they understand it is not to inconvenience them but to protect them.

Today was a case where someone wasn’t happy about what we consider routine due diligence. I don’t know if the man was not feeling well, if he was having a bad day or if he was under the influence. I do know that he was unnecessarily rude and hateful. Ultimately we asked him to please never visit our store again, and never to contact us by phone or email

Maybe Too Many PayPal Commercials Made Him Paranoid?

The many fibs of PayPal…well, let’s just say (for now) we don’t trust them and that is why our store does not accept PayPal. Among them is the myth that stores require a great deal of information (untrue) that PayPal does not and that PayPal is safer. Ha!  (Honestly: we HATE PayPal. Find out why and why we think you should be very careful when dealing with PayPal, because for starters, the fib…a lot. A detailed post of specific examples and screen captures of why will be posted soon. As a merchant, we had no problems. As a consumer, endless grief.)

Back to the story, when we got his email, we checked and saw that a transaction was indeed was attempted but the CVC code did not match and therefore the transaction was rejected. Since this is often indicated fraud, I responded to his email with this information and followed it up with a phone message.

We thought that since he said he didn’t open an account, he would want to protect himself. So, we suggested he contact his credit card company immediately and that we would assist in providing any necessary information to find out who had attempted the transaction.

When he called us, he was FURIOUS. He started ranting, raving and making lots of accusations before we could get a word in edgewise. He said he was ill and I believe that, for sure. But, he was unnecessarily rude and frankly, mean. Among the things he accused us of doing, or “warned us” not to do, along with the facts of the situation are listed below. Following that are the reasons why we did what we did.

  • How Dare our Store “Screw Around” or Block His Credit Card
    Well, we can’t do that. Unlike what PayPal insinuates, we do not see and are not allowed to store credit card numbers, we only see the last 4 digits and that is available for a very short time. We can’t close a credit card, block it or do anything else without the cardholders permission.We don’t see the credit card company, the expiration date or the CVC code. What we can do, and are supposed do when fraud is suspected, such as when a person emails us that an account was opened in their name that they did not create and that the person also did not make or attempt a transaction (as he initially stated), is inform our credit card processor and let them initiate an investigation.

    We don’t do this until we talk to people 99% of the time; the other times, we’re reasonably sure the attempted purchase was fraud. (Such as 99 lights being ordered by a card with a Chicago billing address and an El Paso, TX shipping address, which has happened.)

    Before any type of hold is put on any card, either the cardholder must agree to it or the card holder’s card company must document “unusual and suspicious purchase patterns. .

  • “How Dare We Call from a Private Number”
    Well, we hate sales calls on our phones as much as spam, so we our main phone number. Our 800 number is not. The message we left gave him the private number along with a request that based on his email, that he please contact us ASAP as a purchase was attempted and suggested that he call his card company to see if there had been any purchases made that he was unaware of.He eventually admitted that he had created the account and had attempted a transaction, but messed up the CVC entry. Fine: you should have said that, sir, in the first place instead of saying emailing that you never created an account.
  • “Your Store Better Not Use My Card Number”
    Guess What: We can’t do that even if we tried. Stores can’t recharge or increase the initial purchase price unless the customer agrees to “estimated shipping.” Most stores can only void transaction or issue a full or partial return credit.Unlike PayPal, we can’t turn a one-time payment into monthly, quarterly or annual subscription.
  • How Dare We Call and Upset Him
    Well, he was the one who emailed us to cancel an account, originally telling us he never created the account in the first place. Had he not done so, we would have noted the denied transaction, forward it to the our processor to forward to his card company to deal with the situation. We would surely, however, not accept transactions from that account or that card until we know the situation was resolved.

We Were Trying to Help Him Out and He Just Didn’t Get It

Even though his attitude and accusations were rattling, we would do the same in a similar circumstance. Because instead of admitting he had problems completing the transaction, he denied it all until we told him that someone had used it and if it wasn’t him, we would tell the card processor to initiate an investigation to protect our store and our potential customer.  Anything else would have been irresponsible.

CVC Codes Are One of Your Strongest Protections When Shopping Online

The only place the CVC code is located is on the back of your card. It is not supposed to be recorded; doing so by a physical store (since virtual stores can’t see this info) can have their credit card processing account closed.

And, believe it or not, there are websites that for a small fee, will take basic information and generate a list of possible credit card numbers associated with an individual’s name and address.

It doesn’t matter where the card was used, online or elsewhere. I don’t know how or why these sites are allowed to be online, but they are. What they can’t do is provide the CVC code. What type of algorithm they use to generate potential numbers that will go through is beyond me.

Dumpster Diving

Thieves do dumpster diving looking for credit card statements:both your trash and trash of physical stores and restaurants to obtain receipts with card holder names, card numbers and expiration dates.

Online stores (except PayPal) do not have this information, nor should online stores ask for both your credit card and bank account information. If they do, go elsewhere. Few things in this world are only available from one store.

Your own credit card company does not even (or shouldn’t) know the CVC code. If you’re making a purchase and not asked for the CVC code, think twice about completing the transaction.

Most, but not all stores by any means, require CVC cards for transactions. CVC verification usually costs a bit extra per transaction and means a bit higher monthly fee for the store. Many other merchants don’t ask for it because their databases were created before wide acceptance of CVS codes and redoing back-end accounting systems is expensive.

And, it also costs a bit more per transaction for stores to verify that the billing address is valid. It’s a very small amount, but some stores would rather pocket that small money each month: risky for themselves if fraud occurs, and certainly risky for card holders.

Bottom Line: If You Type in Errors, Email the Store the Truth. Mistakes Happen

Had this man told us the truth, we would have helped him make the purchase.  Given that he lied to us, insulted us, and screamed at us when we were following standard due diligence based on information he provided, we instead asked him to never visit our store again and to have no further contact with us by phone or email.

Would we do it again. Yes, but not with this one guy. God bless the next poor store that has to deal with the mean but overall pathetic guy.

Copyright 2013, SolarLightingSmart.com, SolarFlairLighting.com, AM McElroy
This post or those linked to it may not be used in any part whatsoever with out the express written consent of one of the above parties

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s