Background: Credit Card Fraud and Security
When someone steals someone else's credit card, it used to be super easy for them to just go around the internet and impermissibly use the cards.
Because who on earth could know who is sitting behind the screen while entering the card information.
When the original holder of the card notices an unauthorized use of the card, they usually call the bank and file a dispute. You could definitely see the 1) inconvenience that was caused to the original card holder, 2) the frustration of the money receiver as they will need to return the unauthorized payment; which both points together cause an overall feel of discomfort for all parties.
Financial institutions around the world have introduced a new layer of security called 3D Secure, through which the payer will need to go through an additional verification step that is totally performed at the bank's end in order to authorize the payment.
What's New: 3D Security on Givingloop
It's up to the bank whether to implement 3D Secure as an obligatory security requirement or as an optional security feature.
In order to protect your dear donors and your organization and in both situations whether 3D Security is mandatory or optional, we direct your donors to the authentication page made by your bank.
Practically speaking, here is a quick comparison between the journey before and after implementing 3D Secure:
What's New 2: Zip Code Verification
We used to pass only basic credit card information to our payment processor. We've added a field for ZIP code next to the credit card for US credit cards. With this, there is an automated process that verifies that the entered ZIP code matches the one on file at the bank.
We made this mandatory, if the ZIP code check fails, the payment will fail.
Will this result in fewer donations for my organization?
A natural question that could automatically pop up in your head is whether you'll see a decreased amount of donations. We expect not. And the reason for such expectation is that the additional step is very native and simple.
This means that while the step is created by the bank, but the user will not feel a total redirection out of the donation page. And the verification step is usually a text message with a unique code that the donor will have to enter. Users of today's internet are very used to such a verification step and are usually prepared for it.
What's in it for me?
These verification steps will result in:
1) Less frustration for you; it makes it very unlikely that anyone who verifies through them could be able to force you to issue a chargeback for them through their bank. This will still allow them to dispute the payment but their bank will be responsible for it; and you're protected.
2) Fewer fake donations; it's no fun that you receive donations and then figure out they were fraudulent.
Protection doesn't stop here for us. We are monitoring all donations and making sure you and your supporters are always all safe and protected. We continuously evaluate our protection methods against their impact on donations and keep developing them.
The only constant in security is change, and rapid change. We promise that we keep up with that and keep you updated about the changes.
And, happy sustainability!