Solved

PCI Security Related: How to authenticate large credit card transactions?

Posted on 2011-02-14
3
392 Views
Last Modified: 2012-05-11
This one is a little off the beaten path for EE - but hey nothing ventured..

We take some very large credit card transactions over the phone for our services.  e.g. like $50,000 for a single transaction.  In order to authenticate the person we typically require the customer to fax in a copy of drivers license and the credit card.  I was hoping a security pro might be able to advise on another method of verifying that the customer is who they say they are and is authorized to use that particular credit card.  Thank you.
0
Comment
Question by:amigan_99
3 Comments
 
LVL 4

Accepted Solution

by:
RobertParten earned 250 total points
ID: 34890547
Have you checked with your Credit Card Processing company to see if they offer other mechanisms? A lot of banks offer a number to businesses that allows you to verify identity. Otherwise, I would check with your credit card processing company for further detail.
0
 
LVL 10

Assisted Solution

by:ChopperCentury
ChopperCentury earned 250 total points
ID: 34890698
Other than all the typical checks you would perform there is really no way to validate that the person ordering is the actual card holder. Even people who pass the AVS check and CVV code can still be fraudulant. With the volume of cash you are risking in the sale, you are being very dilligent with requiring a faxed DL. There will always be that one fraudster that gets by and when gambiling with those high transcations, you typically reflect to your organizational risk assessment for guidance.
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 35010503
Thank you for the ideas.
0

Featured Post

What Should I Do With This Threat Intelligence?

Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

Join & Write a Comment

Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
Never store passwords in plain text or just their hash: it seems a no-brainier, but there are still plenty of people doing that. I present the why and how on this subject, offering my own real life solution that you can implement right away, bringin…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now