[ChemicalWarfare]

The issuing bank is in business of keeping their cardholders happy not the merchants. That's just the reality of the situation. As a merchant however you have options to utilize the services of managed risk providers (obv there's an additional cost involved) to protect yourself from online fraud.

EDIT: some of these providers are either directly operated by or have very tight relations with cc networks so they do have access to enormous amount of data which they use to make their risk management decisions.

EDIT #2: at a risk of sounding like an ad - one example would be Cybersource who is owned by Visa.

[tyingq]

>>you have options to utilize the services of managed risk providers

Helps a little, but they are, of course, still dealing with a tiny fraction of the available data out there, and the cost is pretty high.

For small to medium sized players you're much better off just doing what you can with AVS, CVV2 match codes, known freight-forwarder addresses, ip geolocation, etc. That's all free other than a bit of dev time.

It's just a shame that the kind of improvements that could be made with access to data only the CC companies and issuing banks have aren't ever going to happen.

[tyingq]

>>EDIT: some of these providers are either directly operated by or have very tight relations with cc networks

Who is that? There's a couple operated by credit reporting services, which is not the same thing at all.