Lord777
Professional
- Messages
- 2,578
- Reaction score
- 1,532
- Points
- 113
Merchant is a system for accepting online payments from a store. The main task of the merchant is to verify the payment and then accept it or reject it.
1.АVS (Аddress Verifiсаtion Serviсe) - Checking the entered billing address.
2. CVV (Card Verification Value, CVV2, CVC2, CID, Verification number) - checks the 3-or 4-digit code on the back of the card.
3. Match by IP - If the cardholder is from the USA, and the IP is from Moscow, this will at least raise questions, it is also better to check the IP for blackouts.
4. Check whether the BIN belongs to the country.
5. SecureCode+ is used by MasterCard, and a one-time SMS code is sent to the cardholder to confirm the transaction.
6.3-D Secure- used by Visa, the operating principle is the same as SecureCode+.
7. Check the entered mail against the merch databases, and friendly merch, for the presence of transactions with it.
8. Belonging to a fixed-line or mobile Internet provider.
Why can merch reject the transaction?
1. One card means many IP addresses, and the opposite is the case: one IP means many cards.
2. One card – many purchases/failed attempts.
3. One client – many cards.
4. One client – many indexes, email.
5. The client's name does not match the name of the account holder on the merchant's website(if any).
6. The client's country does not match the country of the account owner on the merchant's website(if there is an account).
7. Payment is made at night (according to the client's local time).
The merchant also knows the number of transactions made earlier from the card (when using this merchant), information about the host from which the request came, information about the browser and hardware. This is only a small part of what information can be available to the merchant.
Let's find out who is who in this chain:
After the merchant accepts payment information, the data is sent to the payment gateway.
The basic principle of operation of the merchant gateway is as follows:
1. Checking the card for validity.
2. Data encoding.
3. Sending the encoded data to the processing center.
4. If the process runs smoothly, the encoded data will be returned to the store's website, and the transaction will be confirmed.
How does this happen?
1. After placing an order, you are redirected to the merchant's page.
2. After entering all the data and a successful transaction, funds from the card or wallet (depending on what the payment is made from) are transferred to the account of the acquiring bank, through the processing center.
3. After the transaction is confirmed, the processing center transfers funds to the store's account.
Why do I need to know the merchant?
For popular merchants, information is more or less known about which criteria are paramount for them and which are not. The same merchant evaluates and decides whether to pass or reject a transaction in almost the same way. This means that if a transaction has passed in one store with a certain merchant with certain system settings, card, IP address, etc., it means that it will most likely pass in another store with the same merchant.
That's all for today. In the next article, we will analyze the most popular merchants and how to work with them. Thank you all for your attention)
What security methods do merchants use?
We will describe only the main ones, since each merch has its own methods, which may differ:1.АVS (Аddress Verifiсаtion Serviсe) - Checking the entered billing address.
2. CVV (Card Verification Value, CVV2, CVC2, CID, Verification number) - checks the 3-or 4-digit code on the back of the card.
3. Match by IP - If the cardholder is from the USA, and the IP is from Moscow, this will at least raise questions, it is also better to check the IP for blackouts.
4. Check whether the BIN belongs to the country.
5. SecureCode+ is used by MasterCard, and a one-time SMS code is sent to the cardholder to confirm the transaction.
6.3-D Secure- used by Visa, the operating principle is the same as SecureCode+.
7. Check the entered mail against the merch databases, and friendly merch, for the presence of transactions with it.
8. Belonging to a fixed-line or mobile Internet provider.
Why can merch reject the transaction?
1. One card means many IP addresses, and the opposite is the case: one IP means many cards.
2. One card – many purchases/failed attempts.
3. One client – many cards.
4. One client – many indexes, email.
5. The client's name does not match the name of the account holder on the merchant's website(if any).
6. The client's country does not match the country of the account owner on the merchant's website(if there is an account).
7. Payment is made at night (according to the client's local time).
The merchant also knows the number of transactions made earlier from the card (when using this merchant), information about the host from which the request came, information about the browser and hardware. This is only a small part of what information can be available to the merchant.
How does the merchant work?
The full chain of participants involved in making an online payment when purchasing a product or service via the internet, in general, looks something like this.Let's find out who is who in this chain:
After the merchant accepts payment information, the data is sent to the payment gateway.
The basic principle of operation of the merchant gateway is as follows:
1. Checking the card for validity.
2. Data encoding.
3. Sending the encoded data to the processing center.
4. If the process runs smoothly, the encoded data will be returned to the store's website, and the transaction will be confirmed.
How does this happen?
1. After placing an order, you are redirected to the merchant's page.
2. After entering all the data and a successful transaction, funds from the card or wallet (depending on what the payment is made from) are transferred to the account of the acquiring bank, through the processing center.
3. After the transaction is confirmed, the processing center transfers funds to the store's account.
Why do I need to know the merchant?
For popular merchants, information is more or less known about which criteria are paramount for them and which are not. The same merchant evaluates and decides whether to pass or reject a transaction in almost the same way. This means that if a transaction has passed in one store with a certain merchant with certain system settings, card, IP address, etc., it means that it will most likely pass in another store with the same merchant.
That's all for today. In the next article, we will analyze the most popular merchants and how to work with them. Thank you all for your attention)
