Study Guide
Table Of Contents
- PayPal Certified Developer Program Study Guide
- Contents
- List of Tables
- Online Payment Processing
- Internet Security and Fraud Prevention
- Why Every Business Should Be Concerned About Internet Fraud
- Liability for Internet Fraud
- Internet Fraud: What It Is and How It Happens
- Who Is at Risk for Online Fraud
- Reducing Exposure to Fraud
- What Banks and Card Associations Are Doing to Prevent Online Credit Card Fraud
- What PayPal Is Doing to Protect Your Business Against Fraud
- Disclosure and Compliance
- PayPal Fraud Protection Services
- Review Questions
- Getting Started With Account Setup
- API Credentials
- Name-Value Pair (NVP) API
- Express Checkout
- Direct Payment API
- Transactions
- Sandbox Testing
- Answers to Review Questions
- General Reference Information
- Glossary
- Index
PayPal Certified Developer Program Study Guide March 2008 25
Internet Security and Fraud Prevention
Internet Fraud: What It Is and How It Happens
2
more quickly, thus saving time and money. In some cases, online merchants have reduced their
chargeback rate from 7% to 2%.
Internet Fraud: What It Is and How It Happens
All internet payment fraud is based on stolen consumer or merchant identities. It also requires
access to payment networks to complete the fraud. The result is product theft, identity theft,
and cash theft.
z Product Theft: Occurs when a criminal uses stolen credit card information to purchase
goods and services.
z Identity Theft: Occurs when stolen credit card information is combined with readily
available social security numbers and address information to open new credit cards under
the victim’s name and address.
z Cash Theft: Occurs when criminals break into a virtual cash register by stealing merchant
account access information and impersonating you in order to issue credits or payments to
themselves.
Fortunately, there are ways to protect against fraud. The most important thing you can do is
choose a reliable and secure payment solution that includes basic and advanced antifraud
features. Here are some of the most common fraud-related risks facing online merchants:
Consumer Identity Theft
Criminals steal consumer credit card information through a variety of methods, including
dumpster diving for paper receipts, hacking into e-commerce networks, or using handheld
“skimmers” to digitally scan numbers from credit cards of unsuspecting people at restaurants
or cash registers. Phishers, meanwhile, will send fraudulent emails to consumers warning, for
instance, of a problem with a credit card account in an attempt to trick the person to provide
personal information. Once they’ve obtained the credit card information, these criminals can
use it to steal products outright or open other accounts by impersonating the victim.
Merchant Identity Theft
Just as offline criminals can break into a cash register, online criminals can hack into the
accounts of web merchants and funnel money to themselves. These criminals might be
employees or visitors to a building who copy unprotected login information. They then can use
the information to hack into a back-end system to hijack a merchant’s payment gateway
account, which provides the secure connection between your online store and your internet
merchant account. Through this move, they can steal cash directly from the business by
issuing themselves credit cards and payments.
Accessing Payment Networks
Once criminals have stolen an identity, they may access a payment network to complete the
fraud. Most do this through two primary channels: a web merchant’s checkout page or a
payment gateway account. Although a checkout page provides convenience for both buyer and
seller, it can raise some security concerns. For example, some criminals use the page to test