| Depends on the product.
I've seen businesses run at 10%, and others at 0%. Until you have a massive, public facing product that sells internationally across many facets of customer - you've probably never experienced the hell of CB management. Typically, you'll get:
- Stolen cards (obvious ones)
- Stolen cards (very insidious ones - all customer information, proxies that match the customer address, etc). Typically the only way to catch these guys is to have a hugely expensive 'express delivery' option, and manually filter each order that comes through on this option.
- Dumb thieves (chargeback the day after delivery)
- Smarter thieves (chargeback the day after posting)
- Horrible people (chargeback months later)
- Idiots (Unable to use a product, so chargeback)
- Assholes (Weaponise chargebacks to blackmail you) Words to anyone struggling to fight CBs / fraud:
- Use machine learning, ie SiftScience (or similar) to screen all transactions.
- If you use Stripe, use their Radar feature.
- If an order gets one flag, place it into a review queue, and manually process it 24 - 72 hours later. Emailing a customer smokes out the majority of fraud.
- If an order gets two flags - blackhole the order (refund the card, if charged) The biggest thing is making your fraud processes opaque to scammers. If your site returns true/false responses, they'll just keep hammering until they find a combo of cards / proxies / etc that works.
The only way around it is to shadow-ban:
- Send blackholed orders to an approval page.
- Send blackholed orders an approval email. Train your customer service to know which orders were banned, which weren't. If scammers have to wait 1 - 4 weeks to know if their order worked or not.. they will move onto easier targets. |
I wonder if this is why a friend of mine had to call in over and over about an order that kept disappearing.
That or the company really didn't want to fulfill their black friday sales.