Hi,
I am fairly new to ecommerce websites and am currently implimenting a PayPay Pro (UK) integration. After looking at the various checks you can perform:

1. The Credit Card Number / Expiry / CVV2 is correct
2. That the First line address is correct
3. The zip code / postal code is correct

This maybe a stupid question but should ALL details be 100% correct prior to completing the transaction. Or can you do an Authorisation transaction (whereby you can later capture the funds - maybe validating by calling them etc) if the details are not 100% ?

Of course my initial feeling is that ALL the details have to be 100% correct, but I was wondering if anyone thinks the other approach above is do able?

cheers

I let some of the CVV2 errors go if it's a small order and shipping and billing addresses are the same and those passed AVS.

People are dumb, and people make typing mistakes or they don't know what that number means even though there's always a little popup help link to explain it to them.

Verification details can be tricky. Aside from the typos mentioned above the address verification service (AVS) fails often if customers give their home address when their card is actually billed to a PO box, etc., etc....

The size of the order and the details of the order should give you a good idea of whether it deserves a closer look. I tend to let smaller orders with domestic shipping go through without too much trouble.

Common sense goes a long way when it comes to combating fraud and protecting yourself. All fraud verification systems and services are subject to human error and interpretation which makes them hit-or-miss.

I guess transactions that are borderline could use the authorisation approach (e.g. funds are authorised but are not committed) so that these can be looked at in closer detail.
Only thing is I am selling digital products so when the transaction is taken the product is "shipped" via email so its either the product is sent to borderline cases or reviewed and then "shipped" manually - this could in time cause significant work to process....

Taking payments for digital goods is tough. You can't fight chargebacks effectively having no signature or delivery confirmation of the product. You're also targeted by fraudsters looking for instant gratification -- using those stolen cards before the owner realizes they're stolen.

I require CVV2 and zip code be correct, but not the street address, as the address on file with the bank may be very close but not quite what the customer enters, especially with apartment or suite numbers or directions in the road name ("NE 120st St" vs "Northeast 120st Street", etc).

Everything over a certain dollar value gets a manual look over before service is provided.

Thanks for your input, much appreciated. I like your approach Dan and will go for this one. With digital products I think it will be somewhat tedious to do the authorisation approach.
Cheers