The T.J. Maxx Hack Illuminates Reality Credit Card Companies Want to Hide from Online Merchants, Says Payment Service Provider

The 'T.J. Maxx hack', where the credit card information for over 45.7 million customers was compromised by hackers, may be bad for card holders, but it has been most costly for online merchants, according to business payment service provider, DalPay Internet Billing.

Dalvik, Iceland (PRWEB) May 2, 2007 -- The 'T.J. Maxx hack', where the credit card information for over 45.7 million customers was compromised by hackers, may be bad for card holders, but it has been most costly for online merchants.

As people experienced in selling online know, the credit card associations and most payment providers including major banks give no protection to merchants selling online

A transaction marked as accepted by a payment gateway, with proof of goods shipped by a merchant in good faith, does not in fact mean that the merchant is protected if the credit card is later found out to have been stolen. In fact the merchant will be liable for chargeback fines as well as return of the money from the credit card sale, and for the cost of the merchandise stolen from them

These stolen card numbers have clearly been circulating in the hacker underground for a long period, and have been used to perpetrate millions of dollars worth of fraud against merchants

Without help to protect themselves, merchants are completely vulnerable, and liable. While that may be satisfactory to issuing banks, the card associations, and many payment gateways, it is not acceptable that they fail to make this risk acceptance by merchants crystal clear to the merchants themselves

And that is a crime against fairness as serious as the fraud itself.

"A transaction marked as accepted by a payment gateway, with proof of goods shipped by a merchant in good faith, does not in fact mean that the merchant is protected if the credit card is later found out to have been stolen. In fact the merchant will be liable for chargeback fines as well as return of the money from the credit card sale, and for the cost of the merchandise stolen from them," continued Snorrason.

Because of the global reach of online payment processing, massive thefts of credit card information such as the T.J. Maxx hack hurt online merchants most, because unlike card holders or brick and mortar stores, online merchants are entirely liable for card not present transactions even if they are not at fault.

In the case of the 'T.J. Maxx hack' hackers managed to access information from 826 TJ Maxx, 751 Marshalls and 271 HomeGoods stores in the US and Puerto Rico, 36 Bob's Stores in the US, and 184 Winners and 68 HomeSense shops in Canada, in some cases dating back to 2003. 455,000 customers who returned merchandise without receipts appear to have had personal data stolen - including driver's licence numbers. TJX's 210 shops in the UK and Ireland are also believed to have been effected. Source: News.com.

Last week, Bank associations in the US states of Massachusetts, Connecticut and Maine sued TJX Cos., the parent company, regarding the data breach, seeking class-action status. However, the banks' concern is to be reimbursed for replacement cards and card present transaction costs for which they are liable. This is of little comfort to the thousands of card not present online merchants who have been effected, and who will not receive a cent.

Luckily some payment gateways such as DalPay.com provide fraud screening technology to their merchants to help them to screen transactions themselves, and ensure that merchants are fully informed about any known risk factors in accepting an order online.

"These stolen card numbers have clearly been circulating in the hacker underground for a long period, and have been used to perpetrate millions of dollars worth of fraud against merchants," stated Snorrason.

Most merchants do not have someone like Detective Constable Ralph Eastgate, patiently tracking down the credit card fraudsters (as detailed in the new book 'Other People's Money: The Rise And Fall Of Britain's Most Audacious Credit Card Fraudster', by Neil Forsyth with Elliot Castro).

"Without help to protect themselves, merchants are completely vulnerable, and liable. While that may be satisfactory to issuing banks, the card associations, and many payment gateways, it is not acceptable that they fail to make this risk acceptance by merchants crystal clear to the merchants themselves," remarked Snorrason. "And that is a crime against fairness as serious as the fraud itself."

About DalPay Internet Billing

DalPay Internet Billing, based in Iceland, is a payment service provider offering credit card processing to businesses of all sizes worldwide, with or without an online merchant account.

DalPay allows those selling online to accept all major credit cards, provides multi-currency settlement (GBP, EUR, USD and more), effective fraud screening tools, and responsive support to merchants.

###

Post Comment:
Trackback URL: http://www.prweb.com/pingpr.php/VGhpci1UaGlyLVpldGEtUHJvZi1NYWduLVplcm8=

credit card processing credit card security how credit card processing works online privacy e-commerce identity theft

Bookmark -  Del.icio.us | Furl It | Technorati | Ask | MyWeb | Propeller | Live Bookmarks | Newsvine | TailRank | Reddit | Slashdot | Digg | Stumbleupon | Google Bookmarks | Sphere | Blink It | Spurl