Credit Card Validation Testing – 5 Ways To Protect Your E-Commerce Site

by | Jan 28, 2021

The ever-evolving world of consumer shopping is frequently improving ways for businesses to accept online payments. But as the industry becomes more technologically advanced, online fraudsters are finding new ways to slip through the digital cracks and obtain sensitive customer data. One method to be particularly aware of is Credit Card Validation Testing.

What is Credit Card Validating Testing?

Credit Card Validating Testing is a scheme which uses advanced software and tactics (bots and scripts) to test the validity of large batches of stolen credit card numbers and details. This typically occurs with non-secure, e-commerce payment pages. Thieves are looking for an open, non-secure payment page to “test” cards for validity. The cards that get a positive response are later sold on the dark web.

In order to prevent Credit Card Validation Testing, it’s imperative that your website includes a secure payments page with multiple layers of fraud protection.

Here are five security tools to help protect your payment page from fraudulent activity:

Address Verification Service (AVS)

AVS compares the billing address provided by the customer with the billing address associated with the cardholder’s credit card account. If the two entries do not match, the bank will flag the transaction, You’re sent a response code detailing the address comparison. From there, you can decide whether or not to approve the transaction based on the bank’s response.

Cardholder Verification Value (CVV)

A CVV is the three- or four-digit number on credit cards. It verifies whether the customer has a physical copy of the card in their possession. Similar to AVS, the CVV numbers should match the one on file for the card-issuing bank. If there is a discrepancy, the transaction should be rejected.

Username and Passwords

Having customers use unique login credentials to make online purchases adds another layer of protection to your payment page. Be sure to require strong passwords. Strong passwords have a blend of capital letters, small letters, numbers and symbols. Monitoring failed login attempts also helps you take preventive measures to prevent fraudulent activity.


Geolocation is the ability to track the exact location of a computer or networking device using an IP address. Similar to AVS, Geolocation technology compares the billing address (where the merchandise will be sent) to the location of the IP address of the online customer. If the online shopper is in one location, but their shipment is going somewhere completely different, it could indicate a potentially fraudulent transaction.

Email Address Verification

Email Verification is the process of verifying if an email address is valid.  If it is, the odds are it belongs to a real person. The purpose of verification is to ensure a real person will receive and interact with your email. This is a simple and effective way of weeding out card testing bots. Many bots use disposable email addresses containing suspicious formatting, characters, and domain names.


International Bancard is committed to protecting and educating our clients on fraud prevention. We help make credit card fraud prevention manageable and understandable, so you can focus on selling your product.

Contact International Bancard to learn more about fraud protection and keeping your business safe.