I came across some forums where some service providers of BIN (Bank Identification number) numbers offered those for sale. There are a lot of great Credit Card Anti Fraud providers that offer access to those numbers, however, the credit card association like Visa and MasterCard do not accept any member sharing them.
What are the BIN numbers used for ? If you Accept Credit Card Payments on your website or even Offline through a Virtual Terminal, then you can quickly compare live transactions against the BIN’s to validate the credit card number, also if a card is stolen, it will be listed as Stolen Card in the BIN database. So you will like to have an up to date BIN database to be effective.
So it is a question of where those numbers are released. If you Accept Credit Card Payments you will properly have faced fraud, fraud like someone that have bought a product or service from you and then made a chargeback or fraud where your credit card processor notified you that the transaction for a certain transaction was fraud due to wrong or non existing address or the card number is from a stole card.
What can you do about it? You will need to find a solution provider which is specialized in Credit Card Fraud on the Internet; you will be interested in looking at services like MaxMind or similar. The only problem is that most services only offer you a limited range of options to prevent fraud. They do offer you key data and some offer you a Management Interface where you can set up a few rules but so far no one offers a complete solution which protects you against fraud and where you can customize the system to meet your business requirements, sorry, there are a few companies but most small and medium sized companies cant effort the costs for it.
A good alternative would be to get those BIN numbers which I explained at the beginning of this post; however you will need to build your own script or software to use the BIN’s effectively. It makes no sense to buy them and just compare your Internet credit card transactions against the database, it needs more.
The question is; why does the card association not release this information the authorized payment service providers or at least let those companies compare their data against the BIN’s it would increase fraud dramatically. It is a question which will be left unanswered, sorry.
A theory could be that it is for security reasons and because the card association and its members not have full control of each and every payment gateway provider to make sure that they don’t release it to unauthorized people. This obviously is true, since if they had, there would not be that many companies offering the BIN’s for sales.
A good advice, if you offer your customers to pay online at your website and you also want to Accept Credit Card Payments, than use the tools available, even if they are not sufficient it is better than not have anything and just see the charge backs coming.
This posts contains the opinions of CCLOGIC LLC and its authors and don’t the opinions of neither the Card Association nor other Payment Service Providers.
