I saw the following article about this subject, link list below. This brought to mind about a similar experience two of our merchant had back a few months ago. First let’s take a very slight peak into the dark world of stolen credit cards. After credit card numbers are stolen, they are listed on a virtual black market to be sold to other fraudsters. They are sold in bulk. The fraudsters purchasing them have no idea which are still good or not. This is where an e-commerce website come into play. Also charitable organizations tend to be favored because of fewer barriers. The criminals favor e-commerce website because no one is present and the testing take place out of site. They can high jack the use of the site for running test transactions. This is done by a very sophisticated manner using bots and scripts repetitive tasks at lighting speed. Attempting hundreds of card payments online in minutes. If this happens at your site, it will cost in transactions fees just for the test. Any good payments funded can later results in charge backs. If you have too many charge backs that exceed a threshold, per the card brands may results in the shutdown of your merchant account.
You need to protect your business the ability to take payments online without becoming a victim of the card testing by fraudsters. Review your security setting and be sure you turn on email notification in your gateway. In some gateways you can also limit how many transaction will be allowed to go thru in a day. It’s called daily velocity. If you use authorize.net you might want to consider their Advanced Fraud Detection Suite by using Authorize.net 13 fraud-fighting filters and tools.
Last if you find you are attacked, turn off your gateway at once until you have made your site secure to stop the testing.
If you have questions about this subject or other concerns related to Point of Sales Systems or credit card processing, contact us anytime via email firstname.lastname@example.org or call us at 727-916-7294