Jump to content

"Manual" approval of first order/payment


whmfhh

Recommended Posts

I've seen people here recommend manual approval of the first order from a customer as a way to reduce fraud. I'd like to do that, but I looked in WHMCS and I don't see how to set it up. Can I configure new accounts to have no automated billing, and then turn it on manually after I determine that they look legit?

 

I presume I am just not thinking about this the right way...

Link to comment
Share on other sites

I dont see that this would be a problem, if you were selling a tangible product that could be stolen from you and not paid for I would agree. As you are selling a service, if they dont pay, stop their service, agreed this is prolly not the answer you were looking for but it's the easiest solution as changing payment recurring billing methods would from what I imagine be non recurring is a great task if you get 100-200 customers sign up in one fell swoop.

 

Keep the recurring billing BUT monitor your unpaid invoices and suspend them as needed. Good paying customers will be your vast majority but the few who like to chance their arm are few and are easier dealt with as the minority rather than assuming you will get them "all the time"

 

Hope this helps and good luck.

Link to comment
Share on other sites

What would be great is an "authorize only" option for gateways like auth.net, so that all could go through as normal, and even still allow for automation, while being able to easily pull the plug pre-capture if fraud is, in fact, caught. I'd love to be able to carefully manually review each order in addition to other fraud filters.

 

Or does WHMCS already enable authorize only? Haven't seen it; doubt it. I do know that we left auth.net some time back because that had to be configured in the billing solution and not at auth.net.. stupid, really.. but, we're now switching back.

 

Chargebacks. We've been hit soooo many times when we would have caught them before capture if given the chance.

Link to comment
Share on other sites

Slightly off topic but re chargebacks.

 

We use paypal and worldpay. The only concern we have about first orders going through without manual approval are domain names. Worldpay (for this very reason) stopped us from offering domains for registration for more than 2 years at initial sign-up. Hosting can be stopped without any cost if we look at an order after it has been activated and find it too risky. Domains cannot.

 

But our maximum risk for the convenience of automation is the wholesale price of 2 years for a domain.

 

Re the chargebacks themselves. We avoid them mostly now by reviewing all orders and manually refunding the payment before any chargeback action is taken.

 

We stop all orders from free email addresses at the order source using the configuration options and also, if the IP address does not match the country of the card, that is also a manual stop. At present we do that manually, but are hoping, (once we go live with WHMCS) to use maxmind to intercept these and more to improve our stats further.

 

That's the theory anyhow.

 

Chargebacks. We've been hit soooo many times when we would have caught them before capture if given the chance.

 

I'm not familiar with auth.net, but can't you do the same, after capture?

 

Si

Link to comment
Share on other sites

auth.net = Authorize.net. It is for a real merchant accounts, meaning that your business accepts CCs directly through your bank.

 

To your point, you could monitor the transactions and refund the payment, but doing capture only first allows manual review BEFORE any service is turned active.

Link to comment
Share on other sites

Slightly off topic but re chargebacks.

 

I'm not familiar with auth.net, but can't you do the same, after capture?

 

Si

 

We can certainly refund after capture, but this doesn't necessarily solve the chargeback problem. With a "real" merchant account, it doesn't matter if you catch it manually, refund it, etc. - - if a true cardholder catches something before you do (or even sometimes after you do), and files a chargeback, or reports a card stolen, you still get hit with that $25 (or whatever) fee, and it still counts towards your risk assessment.

 

Thankfully, we have a decent history and relationship (now) with our processor, and they don't bother us much when our chargeback rate seems to be increasing. But for that first year there we lived in constant fear of losing our merchant account.

 

Being able to authorize only and catch problems pre-capture makes a real difference for us. Thanks for the tip, Trine - I will definitely add it to my list.

 

 

Neil

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated