[tyingq]

>>when they see a likely-fraudulent transaction, they call the cardholder, not the merchant

Right. Which means the item gets shipped. Because...yep.

Edits: a) In the real world, the bank does not catch these things in between auth/capture. b) 3rd party companies are limited in what they can do. They don't have the full picture.

[ChemicalWarfare]

Not necessarily :) If the bank calls the cardholder on file and the cardholder tells them the tx is not his they will at least reverse the auth so the merchant can't issue a capture against it when shipping the actual goods. In some cases they call them before the auth is approved.

But again the banks are not in business of protecting the merchant. There are companies that are in that business however and as a merchant you have an option to use their services.

[jon-wood]

All the UK card issuers I've used decline the transaction at my end and then contact me to verify I was trying to make that payment. Once that's done I can try again and the transaction will clear.