E-merchants Turn Fraud-busters

Computerworld - Nobody likes being ripped off. But for online retailers, the pain of being ripped off by unethical consumers, identity thieves and bogus-card gangs has been magnified by what they consider to be the not-my-problem attitude of credit card issuers and card associations like Visa and MasterCard.
Tom Mahoney, a network administrator at Franklin & Marshall College in Lancaster, Pa., recalls vividly the shock he and his wife felt shortly after they launched their own mom-and-pop e-business in 1997 and discovered not only the threat of fraud but also the double whammy from the credit card companies.
"We thought from the beginning something was fishy -- getting orders for herbs and personal care products with U.S. credit cards, all ... for shipping to Yugoslavia," says Mahoney. He recalls that his card processor had assured him that if he had an authorization number for the transaction, then "all was well." But then the chargebacks started coming in, and banks refused to honor the transactions and added penalty fees for Mahoney's business.
Mahoney says he called some of the banks and was shocked to discover that many of the credit card numbers in question had never even been issued to cardholders, yet they were granted authorization numbers. "That's when I learned that something was wrong with the system," he says.
Today, credit card fraud is pegged as a $160 million annual problem for just the top 25 online retailers, according to Gartner Inc. in Stamford, Conn. But there are some glimmers of hope for improvement.
One encouraging sign is that Visa International Inc. and MasterCard International Inc. recently started full-scale marketing of credit card systems that require online purchasers to supply additional passwords or security codes (Verify by Visa and MasterCard's similar SecureCode). It's an attempt to provide an online equivalent of the in-store signature. Even more important, from the retailers' perspective, merchants that join the programs will finally be freed from most of the liability and onerous chargebacks that so irked Mahoney. Instead, banks will absorb the costs of fraud themselves.
But merchants, analysts and even Foster City, Calif.-based Visa and Purchase, N.Y.-based MasterCard acknowledge that no one is out of the woods yet and that the new programs don't cover every situation. It may be a few more years before the two companies' programs reach critical mass and begin to show significant results. Plus, there's some concern that the pop-up window that requires the new codes will drive some legitimate customers away.
"The Visa and MasterCard programs won't solve all the