Recently it’s come to our attention that customers can check out with billing details which are incorrect, and the order is processed without any additional authentication. It can be an incorrect address which is not linked to the credit card, the wrong name which isn’t linked to the card, and incorrect CVV code. This feels very unsecure and we are sure that this cannot be right. Typically, on other websites, there will be a processing page where it connects to the bank merchant, this doesn’t occur either.
We’ve tested this ourselves and despite several tests inputting incorrect details, orders are processed and fraud analysis rating is still ‘low’. Has anyone else noticed this issue? Are we missing something?
Dealing with this now - received chargebacks with low fraud alerts and upon checking out the order after the chargeback was made, the billing address was incorrect. Is there any way to block orders with a wrong billing address?
I’m sorry to hear about your issue. You can’t natively block orders where the address is incorrect through Shopify because defining an “incorrect” address is impossible since new address are created/removed all the time. Also, the same address can be written in many different forms and combinations. Example: “123 example st” versus “example street 123” or even “123 example s”.
What you can do to mitigate this is to flag or block orders where things like the zipcode is not found or the billing address name does not match or even if the geolocation of the address is not found, etc… using a third party app like Beacon.
I am having this issue as well and for shipping addresses I understand what you stated but billing addresses are linked to the card itself. Other sites block transactions automatically. There has to be something we are missing here.