It doesn’t matter what type of business you have, if you’re conducting online transactions consistently, it’s important to have a set of order review measures in place. Apart from the obvious benefits of fraud prevention, order review measures build customer trust and increase your leverage in chargeback cases — ultimately reducing your overall chargeback expenses. And the more you grow, the more important these measures and the system that you keep track of them with becomes.
You may already be using or have heard of some of these order review measures before; many come built-in with the processing services MSPs provide, but it’s important to know why and which parameters you have in place to both make better decisions for your business and to be able to defend yourself when chargebacks occur. Documentation and proof of process are the keys to winning cases.
The most common order review checks include the CVV or Card Verification Value, IP address restrictions, flags for high order values based on previous customer transactions, and a process called the “Address Verification System.”
Let’s dig a bit more into AVS.
AVS, or address verification system, is a fraud prevention measure that compares the billing address used in a transaction to the address the cardholder’s bank has on file.
During the checkout process, the customer is required to fill out a billing address. Once a customer submits their transaction for authorization, your online payment gateway cross-checks that address with the address the credit card issuer (MasterCard, Visa, etc.) has on file. Then the issuing bank delivers a response code that either details a full match, partial match, negative match, no match, retry, unavailable, or international card.
That’s it in a nutshell, but let’s explore the nuts and bolts a bit more.
First of all, AVS only checks the numerals of a customer’s zip code and housing number, so if you’re having trouble completing a transaction for a customer, remember that the only variables being checked are numbers. You can rule out letters and save yourself some time and headaches this way. This is also important to remember when designing your responses to certain error codes, which we will talk more about later on.
If you’ve ever accidentally put in the incorrect billing address when checking out online and had to redo the transaction, you’ve experienced AVS firsthand. Usually text will appear above the order form, informing you of the particular variable that triggered the error code.
AVS was originally developed by MasterCard but is now used across almost all major credit card banks (VISA, American Express etc.) to help protect its customers from fraud. Keep in mind that AVS is just a piece of the larger fraud prevention puzzle. At its base, fraud prevention is about verification, and the more information you request that should be exclusive to the card user, the better chance you have at reducing chargebacks and fraud.
Almost all modern payment gateways include AVS measures, but the way banks interpret AVS codes changes brand to brand. There are a series of codes that are standard across these devices, however.
Here are those common codes in alphabetical order along with a brief explanation:
A – Partial Match – The street addresses match but the zip codes don’t.
G – International Card – The issuing bank is outside of the U.S.
N – No Match – Neither the street address or zip code matches what the bank has on file.
R – Retry – Something happened on the server end. You should just run it again if this error fires.
U – Unavailable – Either the bank doesn’t have any information on file or doesn’t support AVS. Use your discretion and other order review processes to determine whether or not to accept the transaction.
W – Partial Match – The street address doesn’t match but the 9-digit ZIP code does.
X – Full Match – The 9-digit zip code and corresponding street address match.
Y – Full Match – The 5-digit zip code and corresponding street address match.
Z – Partial Match – The 5-digit zip code is right, but the street address isn’t. Ask the customer to try again.
You can access a complete list of codes across different credit card bank types here.
There are many reasons to incorporate and understand AVS in your business. From an ethical and customer service perspective, AVS helps make sure your customers are protected from fraud. Businesses are built on trust, and having the proper order review systems in place is a fundamental part of doing business today. One breach could mean a huge loss of lifetime customers.
It’s also cost-effective to use AVS. If your customer eventually issues a chargeback and you didn’t incorporate AVS in your checkout process, you will almost certainly lose the chargeback case. In fact, you won’t even qualify for representment rights if you don’t perform a verification (e.g. AVS) of some sorts. In chargeback cases, the liability is almost always placed on the merchant before the customer, so the key is to build a strong defense before chargebacks even happen.
Also, AVS is free for U.S. markets, and most banks charge extra for transactions that don’t have AVS verification. It’s a liability for them, and they don’t want to deal with chargebacks either. The good thing is that AVS is almost always built into today’s payment processing services, but double check with your provider just to make sure.
Remember, even if you’re using AVS in your business and the transaction passes, you still may be liable for chargebacks.
In other words, AVS is not a catch-all for fraud prevention.
AVS is just a piece of the overall order review process. It’s up to you to gather and keep records of the processes you use to prevent fraud. You must prove you’re actively protecting your customers, and if you can’t or are just using the minimal preventative measures, you will likely still be liable for some of the chargebacks issued by fraudulent transactions. And as mentioned earlier, without AVS you won’t even qualify for representation — essentially eliminating any chance at fighting chargebacks!
You should also be keeping a close eye on PCI compliance when handling customer’s financial information, and you can learn more about how we tackle PCI compliance here.
1. Make sure the payment gateway or POS you’re using supports AVS.
2. Just because AVS fails doesn’t mean the customer is a fraudster. Pay attention to the error codes fired, and make judgment calls based on specific cases.
3. Make sure you know where your customer transaction records are being kept for chargeback cases.
4. AVS is not a one-and-done fraud prevention tool. Incorporate AVS with other order review measures to best prevent fraud and chargebacks. Check with your merchant services provider on how best to approach this.
5. If your payment gateway allows it, customize your responses to each individual AVS code — especially to partial match codes. This is really important for businesses that do a lot of business online. Think about it. If your customer accidentally included an apartment number in their address this time but didn’t on their bank’s file, would you really want to cancel their transaction and lose the sale? It’s small judgment calls like these that in aggregate can make a big difference to your online conversion rate at scale.
6. Remember that pre-paid cards will almost always fail AVS checks. This is another example of a variable you want to account for. If you’re in person, it’s easy to override this, but make sure you have a contingency plan in place online as well.
7. Pay close attention to No Match response codes since these are the highest indicator of fraud. Ask the customer to try again, and if they continue to fire No Match codes you will want to have a system prepared to reach out directly to the customer to ensure everything is okay (typically an automated email asking to verify their financial information and/or identity).
AVS is just a piece in your multi-layered order review/customer prevention processes. It’s an important player but is ultimately insufficient on its own, and it’s up to you to develop a system designed to prevent fraud every step of the way. Having a proper system designed and proper documentation will save you tons of money from chargebacks in the long run — the more you grow, the more chargebacks add up, and you need to be proactive on tackling them.
We have a combined 30 years experience tackling fraud and reducing chargebacks, and we have PCI compliant software that makes your job easy. We’d love to have a conversation about your business and what type of order review process is best for your long-term success.
Subscribe to our newsletter and get payment processing news & insights sent to your inbox.
You can unsubscribe at anytime.