Firms depending on the AVS system for credit card address verification put themselves at risk from fraudsters, 3rd Man has said.
One of the most commonly used anti-credit card fraud systems could actually be making the problem worse, analysts at tech firm 3rd Man have claimed.
According to the firm, Address Verification System (AVS) is vulnerable to exploitation by credit card thieves. The system is used by firms to verify the ID of customers, and works by checking the address on file at the card company against the card's billing address. Specifically, house numbers and numbers contained in the customer's postcode are combined to make a special 'AVS number', which is then kept on file.
Internet and mail order firms are particularly vulnerable to compromised cards, as they have no way of verifying addresses other than the AVS number. Andrew Goodwill at 3rd Man explained: "What we’ve observed is that fraudsters are now compromising and using card details where the genuine cardholder’s address numerals exactly match the address they want delivery to…so, not only are they obtaining goods fraudulently, they have them delivered to their chosen address."
He added: "This is a serious problem, one that fraudsters have not only cottoned onto but are exploiting in significant volume. Retailers relying on AVS, or where a retailer will only deliver to the billing address, are facing a potentially huge risk."
3rd Man's comments come after the revelation that the data of around 38,000 credit card customers of clothing retailers Cotton Traders have been hacked by an online fraudster. Last year, TK Maxx also suffered a similar hi-tech data breach.
Compare Credit Cards via money.co.uk
