We currently have all of our CVV and AVS settings set to "Yes" in the configuration. In our industry it's common for someone to be purchasing on behalf of an organization. We've found that this setting has caused a few of our customer's transactions to be rejected when using a credit card that may not have the matching zip code. In the debug.log I normally see either 'ZIP MATCH' 'ADDRESS MATCH' when these customers have problems ordering. How necessary are these settings in order to prevent fraud? Or is this just overkill?
Solved! Go to Solution.
The factors that predict whether an order is likely to be fraudulent is going to differ between brand and industry. So I think it's fair for you to meddle with the fraud rules in place to find something that works for you. You can experiment with disabling the zip match rule and see if you experience an increase in fraudulent orders. If you do, one option is to turn this rule back on, another would be to see if there's another, more effective indicator that you can use to predict whether an order is likely to be fraudulent.