Unlike the brick and mortar bookstore down the street, your ebook store will never actually physically host one of its patrons. This means your customers will purchase remotely, so you’ll never actually see their credit cards either. To help you mitigate the risk of fraudulent transactions and costly chargebacks, here are some best practices for processing card not present transactions.
- Gather Payment Information Thoroughly
You should get the cardholder’s name, account number and the expiration date of the card for each and every transaction. You’ll also need the cardholder’s billing address and physical address. If the two addresses are different, make an effort to ensure the physical address is legitimately connected with the cardholder. Record the date of the payment and the total amount charged to the card for the transaction, including taxes. All of this information should be included on the receipt you transmit to the customer along with a detailed description of the item(s) purchased and an electronic descriptor of the transaction.
- Obtain Secondary Verification
Every card not present transaction should be subjected to a two-factor authentication process. You’ll get the primary verification when the customer gives you the account number ad expiration date. However, that information is available to anyone who has a record of the card having been scanned. You should also require the purchaser to provide the three-digit security code. This number cannot be derived from the magnetic stripe on the card and must be provided separately.
- Deploy a Fraud Screening Application
As you’re determining how to sell an ebook online, plan to include a fraud screening application on your site to see if a card has been involved in unscrupulous activity. If the application throws a flag, the transaction should be forwarded to a human being for further investigation.
- Request Authorization from the Issuing Institution
If the card passes your internal sniff test, have your system submit it for authorization to the issuer. You might be tempted to skip internal screening and go directly to this step. However, card issuers charge a fee for providing this service. Why should you pay to find out a card is bad when you can possibly catch it on your own for free? The issuer should also verify the billing address and the card security code information as part of the authorization process.
- Transmit the Ebook
Upon receiving authorization, you can release the ebook for transmission to the customer and slate the funds for deposit into your bank account. Keep in mind; you must transmit the book before making the deposit (which should always be made within 30 days of the transmission of the book).
- Inform Customers of Your Return Policy
Return information should be readily visible on your checkout page so your customers have every opportunity to know what they’re buying into if a dispute arises. In addition to spelling it out on your checkout page, include a link on every page of the site to a separate page detailing the policy. Placing this link in the header or the footer will make it readily accessible.
- Provide Customer Service Contact Information
Among the best practices for processing card not present transactions, this is one of the most important. It usually just takes a conversation to straighten out issues. But you have to give buyers a way to get in touch with someone at your ebook store to have one. If your business is too small to support a full-time person, invest a chatbot application to answer frequently asked questions. But if that doesn’t give the customer the resolution they’re seeking, give them a phone number to call and a reasonable set of hours within which they can call and expect to get someone on the phone to help them.
Adhering to these best practices for processing card not present transactions in your ebook store will ensure your revenue is protected. Whenever you notice anything suspicious, pull out all the stops to investigate and correct it.