educational

Credit Card Fraud Alert

I had a suspected credit card fraud attempt on my site this past week that has prompted this week's articles. A customer accidentally subscribed to the site twice. I sent an e-mail to her as soon as I noticed it, to verify in fact that it had been a mistake, prior to issuing a credit on her credit card. I received the following e-mail message back from an entirely different e-mail address:

"I am writing you because I have reason to believe this computer, has opened an account or false account under a factious name, if so I need you to send me all of the info. as to date and times my name is XXXXXX at (XXXXXXXX@XXXXXXX.net) I believe there is a problem and I intend to turn it over to the police for unlawful use of this computer, I am the owner and this is my account thank you"

I replied that I would not divulge my customer's credit card data without verification that it was in fact her. The customer verified that she had never heard of the person who had replied or did not know anyone with that e-mail address. It appears to me that somehow, someone had "sniffed" out the e-mail message and attempted to obtain the credit card information to attempt credit card fraud. No damage was done in this case, as the original transaction had occurred via encrypted transmissions, and I had not revealed any confidential data in the unprotected message.

Nonetheless, it is scary, And that is why I bring you a story today addressing credit card fraud - from the visitors' and the merchants' point of view. I hope it is useful to you.

How To Provide Secure Transactions For Your Online Customers
Many people are still concerned about the security of their personal and credit card information on the Internet. The Small Business Computing magazine (citing a study conducted by Find/SVP, a New York based market research firm) said that:

"the dirty little secret about Web commerce: 92 percent of all Internet transaction are actually processed manually - that is, off line. And most visitors to commercial sites do a lot more browsing than they do buying. Studies show that 91 percent of consumers are concerned about Internet security, and only 27 percent of regular Internet users have made online purchases in the last 12 months..."

These figures are now out of date, but they highlight the need to:

1. Provide multiple means for our customers to buy our products or services, and

2. Reassure our customers of the security that now exists in purchasing online.

The publicity of very few publicized incidents has caused online users to be far more concerned than is warranted, but perception is reality, so we need to deal with it. Actually, it is far easier for someone to steal your credit card information offline, by picking up your credit card receipt from the trash bin at the gas station, for example, as you casually through it away or digging through restaurant trash bins.

Secure forms via SSL are used to provide the security needed to reassure customers. They allow your customers privacy and piece-of-mind when completing a credit card transaction or transmitting personal information. They are a must for commerce enabled sites. The industry standard method of secure forms is to have the communication encrypted by SSL (Secure Sockets Layer). SSL encodes or "encrypts" the information in the customer order form into an untranslatable code, which, if somehow intercepted by some third party while traveling between the customer's browser and the web site server, would not be readable. Sometimes you will hear of this technology as providing a "secure gateway". Secure forms via SSL may be available through your web host. If not, you can obtain them from outside vendors. You simply link to the forms residing on a server completely separate from the one hosting your existing web site. When the visitor is in the secure area, they will know that because the little closed lock or key shows at the lower right of their browser window.

Some hosts offer three different types of SSL security - Virtual SSL, Verisign Authentic, and Thawte Authentic SSL. With Virtual SSL, the secure part of your web site would actually use the web host's SSL certificate. Some web hosts charge extra for this service while some others do not. First, it is important to understand that SSL is assigned to a single domain name. Using a virtual SSL, the web location would momentarily relocate to the web host's domain for the secure portion of the transaction and then return once the transaction was complete. To make orders through your form secure, simply point to the order form through the web host's server. You will need to ask your hosting company for the specific URL to use. Note that your customer may notice that he or she is no longer at your site, but at your host's site. If this happens only at your order form, this is probably not very important. However, if you wish to collect information at other points of your site, such as a registration form, when your relationship may not yet be cemented, you may not want your visitor wondering about what is happening. The certificate authority ("CA") will charge you for the certificate. In addition, your web site host may charge you to install the certificate, test and maintain it.

The preferred alternative is to obtain an Authentic SSL - your own SSL certificate obtained from a certificate authority. The certificate authority ("CA") will charge you for the certificate. In addition, your web site host may charge you to install the certificate, test and maintain it.

Secure Electronic Transaction protocol[/heading] Banks and card issuing authorities use an encryption system known as SET. SET is the Secure Electronic Transaction protocol developed by Visa and MasterCard to enable secure credit card transactions on the Internet. SET uses digital certificates to validate the identities of all parties involved in a purchase and encrypts credit card information before sending it across the Internet.

Encrypted E-mail
An alternative to either SSL or SET to be able to securely order online would be encrypted e-mail messages. Pretty Good Privacy (PGP) encryption is an emerging possibility, but is not convenient to use and able to be used with any e-mail program. Maybe it will become more widely accepted, but I doubt it, with credit card purchasing via secured forms becoming more widely accepted by the customers all the time.

In my next article I’ll show you 11 Ways to Protect Your Business From Online Credit Card Fraud…

Copyright © 2025 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

profile

WIA Profile: Reba Rocket

As chief operating officer and chief marketing officer of Takedown Piracy, long at the forefront of intellectual property protection in adult entertainment, Rocket is dedicated to safeguarding the livelihoods of content creators and producers while fostering a more ethical and sustainable industry.

Women In Adult ·
opinion

Protecting Content Ownership Rights When Using AI

In today’s digital age, content producers have more tools at their disposal than ever before. Among these tools, artificial intelligence (AI) content generation has emerged as a game changer, enabling creators to produce high-quality content quickly and efficiently.

Corey D. Silverstein ·
opinion

How Payment Orchestration Can Help Your Business

An emerging payment solution is making waves in the merchant world: the payment orchestration platform (POP). It’s quickly gaining traction as a powerful tool for managing online payments — but questions abound.

Cathy Beardsley ·
opinion

Fine-Tuning Refund and Cancellation Policies

For adult websites, managing refunds and cancellations isn’t just about customer service. It’s a crucial factor in maintaining compliance with the regulations of payment processors and payment networks such as Visa and Mastercard.

Jonathan Corona ·
profile

WIA Profile: Laurel Bencomo

Born in Cambridge, England but raised in Spain, Laurel Bencomo initially chose to study business at the University of Barcelona simply because it felt familiar — both of her parents are entrepreneurs. She went on to earn a master’s degree in sales and marketing management at the EADA Business School, while working in events for a group of restaurants in Barcelona.

Women In Adult ·
profile

Gregory Dorcel on Building Upon His Brand's Signature Legacy

“Whether reflected in the storyline or the cast or even the locations, the entertainment we deliver is based on fantasy,” he elaborates. “Our business is not, and never has been, reality. People who are buying our content aren’t expecting reality, or direct contact with stars like you can have with OnlyFans,” he says.

Jeff Dana ·
opinion

How to Turn Card Brand Compliance Into Effective Marketing

In the adult sector, compliance is often treated as a gauntlet of mandatory checkboxes. While it’s true that those boxes need to be ticked and regulations must be followed, sites that view compliance strictly as a chore risk missing out on a bigger opportunity.

Jonathan Corona ·
opinion

A Look at the Latest AI Tools for Online Safety

One of the defining challenges for adult businesses is helping to combat the proliferation of illegal or nonconsensual content, as well as preventing minors from accessing inappropriate or harmful material — all the more so because companies or sites unable or unwilling to do so may expose themselves to significant penalties and put their users at risk.

Gavin Worrall ·
opinion

Know When to Drop Domains You Don't Need

Do you own too many domains? If so, you’re not alone. Like other things we accumulate, every registered domain means something to us. Sometimes a domain represents a dream project we have always wanted to do but have never quite gotten around to.

Juicy Jay ·
opinion

Understanding 'Indemnification' in Business Contracts

Clients frequently tell me that they didn’t understand — or sometimes, even read — certain portions of a contract because those sections appeared to be just “standard legalese.” They are referring, of course, to the specialized language used in legal documents, including contracts.

Corey D. Silverstein ·
Show More