Solved

PCI Security Related: How to authenticate large credit card transactions?

Posted on 2011-02-14
3
395 Views
Last Modified: 2012-05-11
This one is a little off the beaten path for EE - but hey nothing ventured..

We take some very large credit card transactions over the phone for our services.  e.g. like $50,000 for a single transaction.  In order to authenticate the person we typically require the customer to fax in a copy of drivers license and the credit card.  I was hoping a security pro might be able to advise on another method of verifying that the customer is who they say they are and is authorized to use that particular credit card.  Thank you.
0
Comment
Question by:amigan_99
3 Comments
 
LVL 4

Accepted Solution

by:
RobertParten earned 250 total points
ID: 34890547
Have you checked with your Credit Card Processing company to see if they offer other mechanisms? A lot of banks offer a number to businesses that allows you to verify identity. Otherwise, I would check with your credit card processing company for further detail.
0
 
LVL 10

Assisted Solution

by:ChopperCentury
ChopperCentury earned 250 total points
ID: 34890698
Other than all the typical checks you would perform there is really no way to validate that the person ordering is the actual card holder. Even people who pass the AVS check and CVV code can still be fraudulant. With the volume of cash you are risking in the sale, you are being very dilligent with requiring a faxed DL. There will always be that one fraudster that gets by and when gambiling with those high transcations, you typically reflect to your organizational risk assessment for guidance.
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 35010503
Thank you for the ideas.
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question