ADDRESS VERIFICATION / CVV2

In the middle of each approval code there will be a 4 letter combination.
Y:1234567891234567:NNNP:123456789123

1. The first letter is for the street number.
2. The second letter is for the zip code.
3. The third letter is for both the address and zip code combined.
4. The fourth letter is for the CVV2 (security code) which is the last 3-4 digits on the back of the credit card.

AVS RESPONSES
YYY	Both address and zip code matched
NNN	Both address and zip code did not match
NYZ	Only zip code matched
YNA	Only address matched
XXG	No system available to verify address, possibly an international credit card

CVV2 RESPONSES
M	Code matched
N	Code did not match
P	Code was not entered

You can also find these responses by doing a search for "AVS" on the LinkPoint Central Help section.

CONNECT

The following steps will help you prevent fraud using Connect. This change will require that you verify each order individually. First you will need to make sure orders from your web site are submitted as preauth. Look for the following code first:
<input type="hidden" name="txntype" value="sale">

You will need to either add the following code or make the following change on your web site:
<input type="hidden" name="txntype" value="preauth">

Once you have made the change you will need to log into LinkPoint Central and verify each order.
You will need to verify orders on a regular basis.
Click on Reports on the top menu and then click on Orders
Scroll to the bottom and click on "Submit Query."
Under the shipped column, the orders will be marked as N.
Click on the order number to view the details of the order
Scroll down and look for the approval code, it is a long string of numbers and letters.
Y:1234567891234567:NNNP:123456789123

You want to verify that the billing address and zip code match.
You may also want to verify that the order is not being shipped to a different address.
After verifying the response for the address verification you will need to decide whether to process the order.
If you declide to process the order you will need to mark the order shipped.

API

There are two methods for incorporating the address verification system (AVS) to prevent fraud using API. These methods are not built into the gateway or the API so you will need to develop them using a web programming language such as PHP, ASP, Perl, ColdFusion, etc. Address verification can not be done without doing an authorization on the credit card.
NOTE: Make sure you are also passing the address a second time using the <addrnum> field.

EXAMPLE APPROVED RESPONSE
r_ref	0003480327
r_message	APPROVED
r_code	1234560003480327:NNNM:100010342106:
r_approved	APPROVED
r_avs	NNNM

METHOD 1
Submit an authorization (PREAUTH) for the full amount.
Verify the AVS response from the gateway.
If the information is correct then submit a post authorization (POSTAUTH) to collect the funds.
NOTE: This option is feasable if you only allow the order to be submitted once or twice.
Each time the credit card is authorized it will place a hold for the amount.
This hold will be automatically released by the credit card issuing bank within a couple days.

METHOD 2
Submit an authorization (PREAUTH) for $1.
Verify the AVS response from the gateway.
If the information is correct then submit the transaction as a SALE for the full amount.

MAXMIND
You can also add a layer of security by using the minFraud service provided byMaxMind.
Here are some of the features provided:

• Checks whether country of IP address matches billing address country
• Checks whether IP address or billing address country is a high risk of fraud.
• Checks whether the customer phone number is in the billing zip code.
• Checks whether the billing city and state match the zipcode. (US addresses only)
• Checks whether the country of the issuing bank matches the billing address based on the first 6 digits of the credit card.
• Checks whether the customer service phone number(located on back of credit card) matches the phone number entered by the customer.
• Overall risk score based on results