1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Best Protection against fraudulent purchases: Paypal vs 2checkout vs other?

Discussion in 'BlackHat Lounge' started by Stupid Smurf, Sep 21, 2012.

  1. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    Been having a big problem with fraudulent purchases lately getting through paypals lack of security filters on my premier account. I sell intangible goods, so I'm boned when this happens.

    Heard if you upgrade to a business account on paypal, they offer integral evolution, which can reduce unauthorized transactions by up to 90%. But, paypal being the super awesome company they are, they don't offer this added security to people living in the United States. Lady on the phone said they are developing something, but no idea when it'd be launched. Think about that for a moment.

    So.. I'm looking for a better solution. Paypal Pro + Added Security Feature or 2Checkout or Something else? I really want to be able to continue to receive payments from people with paypal accounts, unfortunately though.

    1) Paypal Pro - $30 a month + $20 a month for advanced security. Lower fees than 2checkout (with expected volume, should end up paying less than 2checkout). The guy on the phone said the security feature would allow yo to adjust your own filters, would alert you to transactions that are high risk, but he also didn't think it'd offer much more protection than my premier account. Durrrr? I know some of their sales people have no idea what they are talking about though, anyone have experience with this?

    2) 2Checkout - $10.99 a month. Higher fees. Speaking to a rep and research, seems to indicate they have fairly high level of security filters to stop fraudulent / unauthorized transactions. But some could still get through. If it's like ~1%, could live with that.

    3) Something else??

    I am selling on a website, need the shopping cart / buy now button, etc. Does anyone have any recommendations on what would be better at filtering out the fraudulent purchases? Any experience with the above two?

    Thanks.
     
  2. Cystomatic

    Cystomatic Junior Member Premium Member

    Joined:
    Mar 2, 2012
    Messages:
    131
    Likes Received:
    28
    If you are selling some software or e-books, I would suggest you to use payproglobal, plimus or avangate.

    All have great security against fraudulent payments. Although I think they only pay you once a month, and take 5 - 10% of your money.
     
    • Thanks Thanks x 1
  3. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    Thanks for the reply.

    I'm not selling software or e-books, it could be considered more a service. Currently I'm using E-Junkie as my shopping cart, since each service has a lot of different variations to them. Not really a fan of monthly pay or having 5 to 10% taken, but I'll look at those.
     
  4. silentthunder

    silentthunder Jr. VIP Jr. VIP Premium Member

    Joined:
    Feb 6, 2009
    Messages:
    525
    Likes Received:
    1,342
    Occupation:
    cpa
    Location:
    In the pink
    Much faster and easier to speak to your first name basis rep on 2CO. Need to speak to PayPal customer service. Call them the moment they open, put your phone on speaker, grab coffee and a magazine and hunker down. lol
     
    • Thanks Thanks x 1
  5. Cystomatic

    Cystomatic Junior Member Premium Member

    Joined:
    Mar 2, 2012
    Messages:
    131
    Likes Received:
    28
    Well you can't use such a payment processor then, if you are offering a service.

    What I suggest you, to avoid these kids from disputing the transaction is let them send the payment as service, and put a little note

    Such as: "I have already received the service and I am satisfied with it"
    Something like that, should give you a better chance of the dispute.
     
    • Thanks Thanks x 1
  6. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    That unfortunately wouldn't work with the business model either. Need the shopping cart / buttons, and that also wouldn't protect me from fraudulent purchases. I've had paypal fight some fraudulent purchases that were faked, but I want to know is who has the best security filters to prevent people from purchasing goods with stolen credit cards or paypal accounts. That's where my losses are coming from.

    That's why I'm so disappointed paypal doesn't offer the same extra protection it does to people in the US that it does in other countries.

    But I'm wondering if paypal Pro, 2checkout, or someone else has really good filters to help keep me safer. That's my question.

    silentthunder -> Thanks, but I've never really had any problems or had to wait long to speak to people at paypal. Do you find 2checkout has good filters in preventing fraudulent purchases? What % of your sales are? (if you use them a lot)
     
  7. 247hustle

    247hustle BANNED BANNED

    Joined:
    Mar 29, 2010
    Messages:
    411
    Likes Received:
    204
    sry for hijacking, but i'm in the same need. had alot of unauthorized payments and i had to take care of them by myself.
    subscribed.
     
  8. macdonjo3

    macdonjo3 Jr. VIP Jr. VIP Premium Member

    Joined:
    Nov 8, 2009
    Messages:
    5,560
    Likes Received:
    4,316
    Location:
    Toronto
    Home Page:
    Well, I've done $10,000+ in sales with both PayPal and 2Checkout and the winner is certainly 2CheckOut.

    Plimus takes too much of your money. I'm starting to like Clickbank. It's a trusted affiliate network, refunds are automatic and I haven't noticed any crazy fees like 2Checkout has.

    Right now I'm sticking with 2Checkout but will be splitting sales between the 2, since Clickbank doesn't easily allow $100+ products, so those still have to go on 2Checkout.

    As per the unauthorized transaction argument, I cannot remember the last time I've had an unauthorized transaction. It's certainly <5%, but that's because people also use that as an excuse occasionally, in attempt to get a free product.
     
    • Thanks Thanks x 2
  9. Zapdos

    Zapdos Power Member

    Joined:
    Oct 22, 2011
    Messages:
    597
    Likes Received:
    708
    Location:
    Eastern North Carolina
    • Thanks Thanks x 1
  10. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    macdonjo3: Thanks, that's good to hear about 2checkout, but no experience using Paypal Pro + Advanced Fraud Management Filters? Volume wise, that would end up being cheaper for me, so if it works just as well, would be nice to know. Still can't believe the guy at paypal said it wouldn't be any safer than a premier account, especially considering this is a service you pay for, LOL.

    Zapdos: Thanks for that! Looking over there website, I'm not really seeing how you actually set it up to work on their website? Might be nice to use in addition to something else to increase filters.
     
  11. singhavn

    singhavn Jr. VIP Jr. VIP Premium Member

    Joined:
    Jun 20, 2012
    Messages:
    1,256
    Likes Received:
    111
    Even paypal screws me from time to time by limiting, asking for documents, I still like them. they saved me from trouble at least thrice when i was about to get scammed...
     
  12. subster

    subster Elite Member

    Joined:
    Apr 5, 2008
    Messages:
    1,864
    Likes Received:
    1,448
    Location:
    Krauthausen
    • Thanks Thanks x 1
  13. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    That could work too, although website is in German and company is based in Germany? If a US processor offers full protection, that would be really nice! We pay them for their service and when they fail, we're liable. Really is not fair at all. They should cover the costs, since it's their failure.
     
  14. subster

    subster Elite Member

    Joined:
    Apr 5, 2008
    Messages:
    1,864
    Likes Received:
    1,448
    Location:
    Krauthausen
    i have phoned long with them, should not be a problem with a us site , the owner is an former ceo of moneybookers and pretty cool to talk with.
     
    • Thanks Thanks x 1
  15. Vic Sage

    Vic Sage Jr. VIP Jr. VIP

    Joined:
    Sep 5, 2010
    Messages:
    1,715
    Likes Received:
    2,110
    Gender:
    Male
    Occupation:
    Scientist Performing Marketing Experiments
    2CheckOut is definitely the best fraud protective payment system! Where paypal only supports buyers, 2checkout supports both the buyer and seller and does everything possible to save them from fraud!
     
    • Thanks Thanks x 2
  16. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    subster -> Thanks for your experience with them. But not being able to speak German or read it, could be a bit of a problem lol.

    crusher -> Thanks as well. Paypal actually has fought some of the "fake" fraudulent chargebacks for me and won, so I do feel secure that they would have my back. It's the security filters I'm most concerned about, I believe both 2checkout and paypal, you lose the money if either allows a real fraudulent purchase.

    I'm surprised I haven't been able to find any feedback on Paypal Pro + Advanced Fraud Management Filters yet, not even on their community forums.
     
  17. subster

    subster Elite Member

    Joined:
    Apr 5, 2008
    Messages:
    1,864
    Likes Received:
    1,448
    Location:
    Krauthausen
    gtranslate and then call there. the guy has worked for moneybookers and i am more than sure that his english is pretty good ;)
     
    • Thanks Thanks x 1
  18. Zapdos

    Zapdos Power Member

    Joined:
    Oct 22, 2011
    Messages:
    597
    Likes Received:
    708
    Location:
    Eastern North Carolina
    Check out the integration/API on their site.
    http://www.maxmind.com/download/ccfd/ccfd_php_1.52.tar.gz

    example:
    Code:
    <?php
    require("CreditCardFraudDetection.php");
    
    // Create a new CreditCardFraudDetection object
    $ccfs = new CreditCardFraudDetection;
    
    // Set inputs and store them in a hash
    // See http://www.maxmind.com/app/ccv for more details on the input fields
    
    // Enter your license key here (Required)
    $h["license_key"] = "YOUR_LICENSE_KEY_HERE";
    
    // Required fields
    $h["i"] = "24.24.24.24";             // set the client ip address
    $h["city"] = "New York";             // set the billing city
    $h["region"] = "NY";                 // set the billing state
    $h["postal"] = "11434";              // set the billing zip code
    $h["country"] = "US";                // set the billing country
    
    // Recommended fields
    $h["domain"] = "yahoo.com";        // Email domain
    $h["bin"] = "549099";            // bank identification number
    $h["forwardedIP"] = "24.24.24.25";    // X-Forwarded-For or Client-IP HTTP Header
    // CreditCardFraudDetection.php will take
    // MD5 hash of e-mail address passed to emailMD5 if it detects '@' in the string
    $h["emailMD5"] = "Adeeb@Hackstyle.com";
    // CreditCardFraudDetection.php will take the MD5 hash of the username/password if the length of the string is not 32
    $h["usernameMD5"] = "test_carder_username"; 
    $h["passwordMD5"] = "test_carder_password"; 
    
    // Optional fields
    $h["binName"] = "MBNA America Bank";    // bank name
    $h["binPhone"] = "800-421-2110";    // bank customer service phone number on back of credit card
    $h["custPhone"] = "212-242";        // Area-code and local prefix of customer phone number
    $h["requested_type"] = "premium";    // Which level (free, city, premium) of CCFD to use
    $h["shipAddr"] = "145-50 157TH STREET";    // Shipping Address
    $h["shipCity"] = "Jamaica";    // the City to Ship to
    $h["shipRegion"] = "NY";    // the Region to Ship to
    $h["shipPostal"] = "11434";    // the Postal Code to Ship to
    $h["shipCountry"] = "US";    // the country to Ship to
    
    $h["txnID"] = "1234";            // Transaction ID
    $h["sessionID"] = "abcd9876";        // Session ID
    
    $h["accept_language"] = "de-de";
    $h["user_agent"] = "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_5; de-de) AppleWebKit/525.18 (KHTML, like Gecko) Version/3.1.2 Safari/525.20.1";
    
    // If you want to disable Secure HTTPS or don't have Curl and OpenSSL installed
    // uncomment the next line
    // $ccfs->isSecure = 0;
    
    // set the timeout to be five seconds
    $ccfs->timeout = 10;
    
    // uncomment to turn on debugging
    // $ccfs->debug = 1;
    
    // how many seconds to cache the ip addresses
    // $ccfs->wsIpaddrRefreshTimeout = 3600*5;
    
    // file to store the ip address for minfraud3.maxmind.com, minfraud1.maxmind.com and minfraud2.maxmind.com
    // $ccfs->wsIpaddrCacheFile = "/tmp/maxmind.ws.cache";
    
    // if useDNS is 1 then use DNS, otherwise use ip addresses directly
    $ccfs->useDNS = 0;
    
    $ccfs->isSecure = 0;
    
    // next we set up the input hash
    $ccfs->input($h);
    
    // then we query the server
    $ccfs->query();
    
    // then we get the result from the server
    $h = $ccfs->output();
    
    // then finally we print out the result
    $outputkeys = array_keys($h);
    $numoutputkeys = count($h);
    for ($i = 0; $i < $numoutputkeys; $i++) {
      $key = $outputkeys[$i];
      $value = $h[$key];
      print $key . " = " . $value . "\n";
    }
    ?>
    
     
  19. Stupid Smurf

    Stupid Smurf Regular Member

    Joined:
    Dec 12, 2011
    Messages:
    337
    Likes Received:
    138
    Occupation:
    Watcher.
    Location:
    NY
    Home Page:
    subster -> My cell phone also isn't able to call outside the US lol. I'll look at them a little more, also finding some others googling for full chargeback protection. Looks like moneybookers might actually offer it too.

    Zapdos -> So going to need some coding knowledge to set it up, looks like?


     
  20. Zapdos

    Zapdos Power Member

    Joined:
    Oct 22, 2011
    Messages:
    597
    Likes Received:
    708
    Location:
    Eastern North Carolina
    Correct. Depending on the system you use, it could be from a 10-120 minute setup.
     
    • Thanks Thanks x 1