Quick bit of background, about 9 years ago I worked for one of the largest cc processing companies in the world (they processed like 9/10 cc transactions in the US).
The issue is actually a lot more complicated than you are realizing / probably have any reason to know. Let's start with how a transaction get processed: There are usually 3 parts to this: * CC Authorization (using the CC # and exp date) * CVV2 (The 3 digit code on the back of your card) (they charge like $0.10 for this) * AVS (Address Verification) - Quick note on this one, it can only process the digits in the address so if the address on the card was "123 Main St Apt #4, Any Town CA, 91000" the following would match as well "1234 Nowhere, NotMyTown NV, 91000") (they charge like 0.25 for this) Verified by Visa / Mastercard SecureCode, while great and have been catching on, are still not available from all banks. Even fewer have it available to work on mobile networks. If Google required this, they would have a lot of customers they would turn away and last time I built a system that needed Verified / SecureCode (probably a lil over 2 years ago) there was no way of knowing if it was available or not, it either passed that it was verified or it says it didn't pass verification. So as you can see from a merchant perspective there really is not a lot of help from Visa/MC to prevent fraud (will get into why in a few). As a work around to this many online merchants started using 3rd party software that would check and see if the IP address used was within X miles of the billing zip code (using GeoIP), checking for proxies, so on and so forth. Many of these would give a % of the charge not being fraud that really was their own internal algorithm and had nothing to do with Visa/MC. So why are Visa / MC not caring about fraud? Fraud is where they make the majority of their money, at least when I worked there, and yes really. Visa / MC do not have to return any money to the card holders bank when fraud happens, the processor does. However Visa / MC would actually charge the Merchant an arbitrary fee. The range I saw was between $15 and $25 per fraud transaction depending on contract and volume. Now I am sure that some of it went to the processor, but I know that Visa / MC had a set fee per fraud transaction, then the processor charged more on top of that. Also they take the % charged per the merchant agreement (let's use 3% for ease of use) both on the transaction and on the refund. So let's break that down real quick on a $0.99 charge that gets a charge back. 3% charge for transaction = $0.03 $0.10 for CVV2 = $0.10 $0.25 for AVS = $0.25 3% charge for the refund = $0.03 $15 (low balling this one) charge for the charge back fee = $15.00 So that $0.97 income for Google, now costs them $15.41 Ohh and the greatest part, if the Merchant can get you to repay them (legal threat / whatever), according to most merchant agreements, they cannot recover the fees they had to pay. Even better, guess what the Merchant needs to fight a charge back, a signed credit card receipt (I have heard they allow signed contracts as well now, but the signature has to match what is on file with the bank). Online transactions cannot be fought (once again I am sure this has changed by now). So what can the merchant do when they believe that a charge may be fraud? Ask for something that only person would have, which is what they have done here, bank statement / utility bill / driver's license / etc. While I understand the frustration with it, hopefully you can now understand why this happens the way it does. :) Billy Vierra E-Mail: bvie...@sortatechie.com http://about.me/bvierra -----Original Message----- From: tech-boun...@lists.lopsa.org [mailto:tech-boun...@lists.lopsa.org] On Behalf Of lopser Sent: Tuesday, August 21, 2012 7:37 PM To: Brandon Allbery; lopser Cc: LOPSA Technical Discussions (t...@lopsa.org) Subject: Re: [lopsa-tech] Google wants images of my passport, driver's license, bank statement, etc. > From: Brandon Allbery [mailto:allber...@gmail.com] > Sent: Tuesday, August 21, 2012 10:34 AM > >> On Mon, Aug 20, 2012 at 3:05 PM, lopser <lop...@nedharvey.com> wrote: >> Here's what they say: >> We were unable to verify the credit or debit card information for >> your recent order. Your order has been cancelled > > Note that this is a boilerplate version of "your credit card was > submitted and they (i.e. not Google, but upstream) rejected it". I > couldn't tell you why, or why it continued for multiple cards, but you > might want to verify that your cards are still valid and *then* take it up > with Google. I agree with your interpretation of the words, but unfortunately, not correct. I have always had two credit cards (one visa, one mastercard) in google, which I have used numerous times before. These are the same cards that I use elsewhere, for automatic recurring charges as well as in person for daily purchases. My cards are still good everywhere else. Google is the only place having a problem. I cannot eliminate the possibility that both Visa and Mastercard identified google as a hotspot for credit fraud and therefore they both blocked google. But I have no reason to believe such a thing. Whenever my banks suspect anything suspicious, they reject the transaction, and they call me for verification. That has happened several times before - but didn't happen with this google situation. _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/ _______________________________________________ Tech mailing list Tech@lists.lopsa.org https://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
