Standard Fraud Prevention Tools
From stringent authorization requirements to strict data security requirements, Discover Network's fraud prevention tools and services help issuers protect their customers and issuer profits from fraud.

100% Authorization Requirement
We require authorization on all transactions submitted through the Discover Network.

Code 10: Suspicious Situations
When a merchant becomes suspicious of fraud during a transaction, they can phone in a "Code 10" authorization request and automatically connect to the card issuer to ensure quick and appropriate action.

Card Verification Value (CVV)
Requiring CVV on plastics and in authorization messages helps limit fraud from counterfeit cards.

Address Verification Service (AVS)
To limit fraud on card-not-present transactions, we require merchants to capture the cardholder's address, which is compared by the issuer to the cardholder's billing address prior to authorizing.

Card Identification Data (CID)
Requiring merchants to submit the non-embossed three-digit numeric code on the backs of cards for all card-not-present transactions helps issuers in the fight against fraud.

Discover Information Security Compliance (DISC)
To safeguard cardholder information and limit data compromises, DISC establishes our rigorous data security and risk-avoidance requirements, which are aligned with the Payment Card Industry (PCI) Data Security Standards.

Data Security Notification
We notify issuers immediately in the event of a data security compromise. Issuers can also contact the Discover Network Help Desk with data security questions or to report a compromise. Learn more about our Help Desk.

Additional Fraud Prevention Tools
To help issuers proactively fight fraud and mitigate risk of loss due to fraudulent activity, Discover Network offers tools that keep you informed about industry-wide concerns and potentially high-risk activity on your cardholders' accounts.

Fraud Awareness Reporting
We provide regular updates regarding portfolio activity along with fraud trends. Access your fraud awareness reporting.

Fraud Alert Reporting
We send issuer warnings about high-risk authorization activity.
Access your fraud alert reporting.

For questions you may have about fraud, please contact Discover Network at 1-800-347-6634 to speak with a fraud prevention specialist.

Card fraud is the act of deliberately deceiving another to obtain property or services unjustly. Card fraud can range from providing false information for establishing an account, to use of funds from an existing account by theft of the Card or account number.

Discover Network offers a variety of tools and services to help issuers fight Card fraud. For more information, visit our Fraud Prevention Tools.

Common Card Fraud Types

Account Takeover
Unauthorized use of a card account by any person who obtains access to that card account with the intent to defraud the issuer.

Lost/Stolen
Unauthorized use of misplaced or stolen cards.

Non-Receipt
Non-receipt or theft through the card mailing process.

Fraud Application
Submitting a fraudulent application containing stolen or fictitious identity information.

Counterfeit/Altered
Any card that has been illegally re-embossed or re-encoded.

Skimming
Unauthorized use or possession of an account through the theft of the full track data contents from the magnetic stripe of a valid card, and duplication on the magnetic stripe of another card.

Card-not-present (Mail Order/Telephone Order/Internet)
Unauthorized use of a valid account number to make purchases by mail, telephone, e-mail or Internet; and also, unauthorized purchases made at retail establishments without a card present at the point-of-sale.

Learn more about Discover Network's Fraud Prevention Tools.

Because fraud prevention and data security are major concerns in the payments industry, Discover Network collaborates with the other major card networks in the fight against fraud.

Discover Network is a participating member of several key associations that actively fight fraud, including the International Association of Financial Crimes Investigators (IAFCI) and the Fraud Reduction Committee (FRC).

To help safeguard your cardholders' information and limit data compromises, the Discover Information Security Compliance Program (DISC) establishes our rigorous data security and risk avoidance requirements, which are aligned with the Payment Card Industry (PCI) Data Security Standards.

Discover Network also sponsors seminars and lectures on fraud prevention and data security at industry events and loss prevention conferences. To learn more about these events, please contact our Help Desk at 1-800-347-6634.

For questions you may have about fraud, please contact Discover Network at 1-800-347-6634 to speak with a fraud prevention specialist.

Fraud Conviction
The merchant owner(s) and/or officer(s) have been criminally convicted of fraud.

Excessive Counterfeit Transactions
The Merchant has submitted an excessive amount of counterfeit card transactions.

Excessive Chargebacks Due to Business Practice or Procedures
The merchant has incurred a large volume of chargebacks due to faulty or fraudulent business practices or procedures. For example, charging cardholders for orders that the merchant has no intention of fulfilling, which results in a high volume of chargebacks.

Excessive Unauthorized Charges
The merchant submitted excessive sales data for card sales not authorized by the cardholder or an authorized user.

Fraudulent Activity Following an Internal Audit or Investigation
A fraud audit or investigation conducted by an acquirer reasonably determined that the merchant had engaged in fraudulent activity.

Factoring
Factoring is the submission of authorization requests and/or sales data by a merchant for card sales or cash advances transacted by another business. Factoring is considered merchant fraud, unless otherwise first authorized by Discover Network.

Money Laundering
The merchant presented sales data that was not for valid card transactions between the merchant and a cardholder.

Merchant/Cardholder Collusion
The merchant colluded with a card thief or counterfeiter to submit sales data for unauthorized or illegitimate card sales.

Violation of Merchant's Agreement or Operating Regulations
The merchant did not comply with the Merchant Agreement or Operating Regulations.

We have more than twenty years of experience safeguarding our members from fraud. We strive to work closely with our customers and implement the necessary services and effective strategies to identify and combat all forms of fraud such as:

• Address Verification Service and Information Security for card-not-present transactions
• Transaction Monitoring to detect suspicious activity
• Code 10 telephone support for suspicious situations as they occur

Account Takeover
Unauthorized use of a card account by any person who obtains access to that card account with the intent to defraud the issuer.

Lost/Stolen
Unauthorized use of misplaced or stolen cards.

Non-Receipt
Non-receipt or theft through the mail process of cards.

Fraudulent Application
Acquisition of a card account as the result of submitting a fraudulent application containing stolen or fictitious identity information.

Counterfeit
Any legally or illegally manufactured card that has been re-embossed or re-encoded.

Skimming
Unauthorized use or possession of an account through the theft of the full track data contents from the magnetic stripe of a valid card, and duplication on the magnetic stripe of another card.

Card-Not-Present (MO/TO)
Unauthorized use of a valid account number to make purchases without a card present at the point of sale.

We can help ensure your merchants maintain profitability and you maintain merchants with comprehensive identification-verification procedures and innovative card production such as:

• Card Verification Value on every card to prevent counterfeiting
• Required Authorization for every card on every transaction
• Quick reference tools and educational materials available for merchants to distribute to their employees, the first line of fraud defense

Due to the rising incidence of card fraud, prevention is a major concern. As a result, all major card networks, including Discover Network, collaborate in the fight against fraud.

Discover Network is a participating member of several key associations that actively fight fraud, including, but not limited to, the Merchant Acquirer Committee (MAC), International Association of Financial Crimes Investigators (IAFCI), and the Merchant Risk Council (MRC).

Discover Network also sponsors seminars and lectures on fraud prevention at industry events and loss prevention conferences.

Click to download free Adobe Acrobat Reader to view PDF files.

100% Authorization Requirement
We require authorization on all transactions that are submitted through the Discover Network.

Code 10: Suspicious Situations
Merchants who become suspicious during a card-present or card-not-present transaction should simply phone in a Code 10 authorization request, which alerts the issuer and protects the cardholder. As an added value, our automated authorization line will automatically connect the caller to the appropriate Issuer.

Card Verification Value (CVV)
Requiring CVV on plastics and in authorization messages helps to limit counterfeit fraud.

Address Verification Service (AVS)
For card-not-present transactions, we require merchants to capture the cardholder's address, which is compared by the issuer to the cardholder's billing address prior to authorizing.

Card Identification Data (CID)
Merchants are required to submit the non-embossed three-digit numeric code on the back of the Card for all card-not-present transactions. Please note: Storing CID is a violation of our Data Security Standards.

Discover Information Security Compliance (DISC)
To safeguard cardholder information and limit data compromises, DISC sets forth our rigorous data security and risk avoidance requirements, which are aligned with the Payment Card Industry (PCI) Data Security Standards.

Data Security
Acquirers should contact the Discover Network Help Desk within 24 hours at 1-800-347-7052 to report a compromise, or if they have data security questions.

Profile Matching Services
In an effort to assist you in proactively identifying fraudulent merchants, Discover Network procures and maintains profile information for fraudulent merchants closed by all Discover Network Acquirers in an internal Consortium Merchant Negative File. As a service to you, we systematically compare all newly boarded and updated profiles to the records in this file and electronically report suspected matches.

This information is made available to help in your decision-making process with respect to your prospective and current merchants. This service is designed to compliment your existing fraud prevention and detection tools and is not intended as the sole factor in your decision-making process regarding any merchant or person.

Fraud Awareness & Fraud Alert Reports
We provide standard reporting to help you identify merchant accounts with an unacceptable level of Discover Network chargebacks. Merchants appearing on this report may be a target for consumer fraud or perpetrating fraud themselves. As a result, any merchant appearing on this report should be investigated and, when necessary, educated or closed for fraud.

New Acquirers to our Network are provided fraud trending reports for a free trial period. These reports analyze your merchant portfolio's fraudulent chargeback activity, as well as fraudulent transactions reported by the issuer. The reporting aggregating the fraudulent transactions reported by the issuer allows you the unique opportunity to evaluate total fraud transactions, regardless of the entity taking the loss.

For questions you may have about fraud, please contact Discover Network at 1-800-347-7052 to speak with a fraud prevention specialist.

All Discover Network Merchants benefit when each point-of-sale location keeps a watchful eye to prevent fraudulent use of the cards.

• Keys to Fraud Prevention
• Standard Security Features
• Detecting Counterfeit or Altered Cards
• Keyed-in Sales Reminders
• Detecting Fraudulent Transactions
• Code 10 (sale concern)

Training is the Key to Fraud Prevention When the Card is Present!

• Regularly train new employees on how to detect potentially fraudulent transactions
• Check cards presented for signs of alteration or counterfeiting
• Compare the last four numbers embossed on the card to the last four printed on the receipt
• Make sure the signature on the sales receipt matches the one on the back of the card

Standard Security Features Common to Discover Network Issued Credit Cards

• The account number is always 16 digits, the first four of which are 6011
• A special embossed security character appears on the same line as the "Member Since" and "Valid Thru" information. It appears as a stylized "D"
• The Discover Network Card hologram has four distinct images
• The name shown on the front of the card (e.g., Discover Card, Private Issue, etc.) will appear in repetitive fine-line printing on the back of the card (or on both sides for some brands)
• The tamper-resistant signature panel has an overprint of Discover at a 45-degree angle and an underprint of VOID. The signature panel also contains a three-digit CID (Card Identification Data) in reverse indent printing

Identification and Security Features of Cards on the Discover Network

Click for a printable version of the Identification and Security Features of Cards.

Detecting a Counterfeit or Altered Discover Network Issued Credit Card

Answering the following questions will enable you to identify whether a credit card presented to you is fraudulent or not:

• Is there a stylized "D"?
• Are the last four embossed numbers different from the last four printed on the receipt?
• Do the embossed letters or numbers show signs of alteration?
• Do the lines of embossed characters appear to be crooked and/or unevenly spaced?
• Does the original signature panel show signs of alteration with white tape or paint, or is the word "VOID" exposed by an erasure?
• Is the Discover wordmark pattern in the signature panel unclear, or is it printed at an angle that differs from the standard 45-degree angle?
• Does the hologram itself appear to be damaged in any way?

NOTE: The most common way to detect a counterfeit or altered Discover Network issued credit card is the missing stylized "D."

Keyed-in Sales Reminders

• Do not key your Card sales into your POS device unless you have been previously advised to do so by the Card issuer or terminal provider. If you are having problems with your POS device, please call your POS device provider
• Obtain an authorization decision for every Card sale
• Legible imprint of card
• When imprinted, the stylized "D" MUST appear and be legible

Detecting Potentially Fraudulent Transactions

Keep a close eye on the customer who displays the following suspicious behaviors:

• Makes random purchases without paying attention to size, value or price
• Presents you with a credit card taken from a pocket instead of a wallet
• When asked, claims to have left photo identification at home or in the car
• Arrives at or about closing time and tries to hurry you through the sale
• Purchases a large item and refuses delivery
• Displays no interest in the warranty on expensive items
• Is overly slow and deliberate when signing the sales draft, perhaps because the signature is being forged

Code 10

You are the first line of defense against fraud!

If you suspect fraud: Call 1-800-347-1111 and ask for a Code 10 authorization if you have any reason to suspect the transaction or are suspicious of the customer.

Other Important Reminders:

• Your approval number does not eliminate the possibility of a fraudulent sale
• Receive a Free Fraud Awareness Training Guide to assist you with training your employees

For more extensive information on fraud prevention, including identifying the Discover Network brand, handling suspicious situations, and recovering lost or stolen cards, please consult your Discover Network Merchant Operating Regulations.

In any situation where a card is not present and you are unable to complete a face-to-face transaction, the opportunity for fraud increases.

Card Not Present (CNP) transactions have become the foundation for commerce over the Internet in addition to mail order and telephone order businesses. To assist your company in reducing fraud exposure, these helpful tips have been developed for Discover Network Merchants who are doing business in a CNP environment.

• Authorization Center
• Helpful Hints to Reduce Chargebacks and Risks
• Types of Suspicious Behavior

Authorization Center

To obtain an authorization or address verification, or to question the validity of a Discover Network Issued Credit Card, please call 1-800-347-1111.

Helpful Hints to Reduce Chargebacks and Risks

• Request and validate the Card Identification Data (CID) (the three-digit code on the back of the card in the signature panel). The CID can be submitted in the electronic authorization request or can be used when calling our authorization center
• Verify the customer's billing address, either electronically or by our automated phone system (Address Verification System-AVS)
• Check your delivery service contract for who is responsible for merchandise not delivered
• Get a signature for each delivery
• Keep all delivery records
• All declines are final. Do not force through any sales for which you have received any declined response to your authorization request
• If the sale is on a credit card, do not refund in cash or by check. Refund sales on the same card account that the purchase was made on
• Include your common DBA and customer service number on the cardholder's transaction statement
• Clearly communicate any and all delivery charges, restocking or other fees
• Clearly explain any return policies and offer documentation of this policy with each sale
• When working on a chargeback, document efforts to satisfy the customer
• Respond to all Chargebacks, even the small ones (remember, this is your customer)
• Duplicate charges, or installment plans, unless otherwise stated, require an authorization for each sale

Types of Suspicious Behavior
Please consider that these are only indicators of higher-risk transactions. One behavior alone may not be a concern.

• New customer attempts to make a very large credit card transaction
• Customer doesn't know the Card Identification Data (CID) found on the back of the card, indicating that they don't have the actual card
• Customer's address does not match when attaining an Address Verification
• Shipping to an address other than the billing address
• Customer asks that you try lower dollar amounts when a decline message is received
• Customer instructs you to try different expiration dates when initial attempts fail
• Customer hesitates, or has a long pause, when asked for personal information
• Customer repeatedly sends e-mail messages requesting confirmation of shipment
• Customer attempts to place multiple orders to the same address
• Customer attempts to purchase large quantities of a single item
• Customer purchases several large-ticket items, which do not go together, e.g., appear random
• Customer calls a few minutes before closing and wants several large-ticket items
• Customer requests that sales be split up to avoid paying "import taxes" and/or "duty fees"
• Customer requests shipment to an overseas destination
• Customer seems overly concerned about delivery time frames to overseas destinations
• Customer attempts to place a large order using several credit cards to obtain the total authorization amount
• Customer offers the phone number to an authorization center to speed up the credit card approval process
• Customer has little regard for price
• Customer shows little or no concern for return policies, manufacturer warranties and/or rebates when purchasing in large quantities

*Please refer to your Discover Network Merchant Operating Regulations for further Card Not Present (CNP) requirements with respect to the submission of sales.

If there is a breach in your system, notify Discover Network Security within 48 hours at 1-800-347-3083.

Click here to learn more about our Data Security guidelines and our DISC program.

For more extensive information on fraud prevention, including identifying the Discover Card brand, handling suspicious situations and recovering lost or stolen cards, please consult your Discover Network Merchant Operating Regulations.

In our efforts to assist our Merchants that conduct e-commerce transactions, Discover Network is a proud sponsor of the Merchant Risk Council. Learn more.

Fraud Prevention Supplies

Card Slick

Internet Best Practices
When you consider how fast and inconspicuously Internet transactions can occur, building in safeguards is critical. Review your Web site for the following:

• Clearly identify your company name on the site, on each page if possible
• Include your common DBA and customer service number on the cardholder's transaction statement
• Offer a street or P.O. Box address (some people may not want to utilize e-mail) as contact information on your Web site
• Offer a customer service telephone number
• Clearly identify all features of a product or service
• Clearly communicate any and all delivery charges, restocking or other fees
• Clearly identify your company's return policy and shipping time frames and offer documentation of these policies with each sale
• Disclose the information security policies and processes your business has in place

Protecting Customer Information

• Truncate all credit card information
• Do not store any CID data in your records or on any type of sales data
• Secure your site. Data MUST be stored in a secure environment that is protected by firewalls from your Web site or access over the Internet. This data should be password protected with limited authorized use
• Do NOT store any customer or credit card information on your Web Server

If there is a breach in your system, notify Discover Network Security within 48 hours at 1-800-347-3083.

Click here to learn more about our Data Security guidelines and our DISC program.

For more extensive information on fraud prevention, including identifying the Discover Card brand, handling suspicious situations, and recovering lost or stolen cards, please consult your Discover Network Merchant Operating Regulations.

In our efforts to assist our merchants that conduct e-commerce transactions, Discover Network is a proud sponsor of the Merchant Risk Council. Learn more.

Fraudsters are using selected merchant's Web sites to test "sequenced" credit card numbers. Sequencing is a common practice among fraudsters where potentially valid credit card numbers are generated through the use of hacker programs. These programs, widely available on the Internet, take a known "good" account number and attempt to extrapolate additional account numbers based on the issuing sequence. The fraudsters need to test these generated accounts to determine which are valid, prior to using them fraudulently. Discover Network Security has found thousands of "sequenced" number tests in the last several months at retail Internet sites.

We have determined that the Internet sites chosen by fraudsters to test generated account numbers share common characteristics in the "checkout" process. Most important, sites chosen for testing all returned unique error messages based on the specific problem with the order. Also, sites chosen for testing, rejected orders with mismatched customer billing information.

For example, if an invalid number was entered at checkout, the site might return an "Invalid Credit Card" message to the user. However, if the card was valid but there was mismatched customer billing information, a different message such as "Unable to process order, please verify billing information" might be displayed.

It is this difference in the two messages that confirms for the fraudster whether or not the generated account number is valid. And, because the fraudster enters fictitious billing information, no sales are ever completed. This allows the fraudster to test one generated account number after another in a very short time.

The result is potentially thousands of fictitious orders to your site, and thousands of erroneous authorization attempts on consumers' credit card accounts. A positive test also allows the fraudster to commit more egregious fraud elsewhere.

Discover Network Security recommends the following in order to prevent fraudsters from using your Web site to test fraudulent credit card numbers:

• Use a single, common error message in the checkout process, regardless of the type of issue. Remember that it is differences in error messages that identifies whether or not a generated credit card number is valid
• Set a maximum number of errors allowed in the checkout process. Fraudsters may attempt dozens of account numbers at a time. Automatically canceling an order after three to five errors will disrupt the fraudulent activity, while allowing for honest mistakes by valid customers

Implementing these recommendations will minimize the utility of your Web site for this type of fraudulent activity, reducing a potentially heavy volume of fraudulent transactions.

Fraud Prevention Supplies

State laws aimed at reducing credit card fraud mandates that the customer copy of receipts printed by POS equipment print only the last four digits of the credit card number (example: XXXX XXXX XXXX 1234) and suppress the expiration data. The merchant copy of receipts will continue to print the entire card number and the expiration date.

For questions you may have about fraud, please contact Discover Network at 1-800-347-3083 to speak with a fraud prevention specialist.