Back to resources

Detecting Fraudulent Payments with Terminal 🕵🏽️

Fraudulent payments are one of the many risks businesses have to manage when they decide to sell their products online. Learn how Terminal can help you manage the risks of fraudulent payments.
terminal app

Fraudulent payments, are one of the risks businesses are exposed to when they sell products online. Today, online payment platforms make use of advanced fraud detection technology that detect potential threats e.g. Radar from Stripe. With technologies like Radar, threats are dealt with in the background with businesses only alerted when action is needed. While this technology acts as a first line of defense, it is important to note that these systems are not perfect. In our experience with Radar for example, we've noticed delays in detection of fraudulent payments, which lead to damages for the business in the form of charge backs.

With this in mind, the most important line of defense is you. Careful analysis of the information received from online orders can help you detect fraudulent activity in advance, and help to avoid charge backs. We've written this post primarily to make you aware of some of the common patterns we've seen in fraudulent payments. We will also tell you how you can validate payments with your customers when you notice such patterns. Finally, we will conclude by giving you a list of best practices that help you manage the risks of fraudulent payments.

Common Patterns in Fraudulent Payments

1. Billing & Delivery Address Mismatch

Perhaps one of the most common patterns we've noticed in fraudulent payments, is when the shipping address for an order does not match the billing address provided. When an order is placed on your website, your customers are required to provide a billing and shipping address for each order. Terminal helps you perform this check with each order, so it's a good idea to visit your dashboard and confirm that both addresses are the same when an order is received. If both addresses match, you will see a confirmation on the order page as shown in Figure 1. If there is a mismatch, a warning will be displayed on the order page encouraging you to verify the billing address with the customer (Figure 2).

It's important to note that even though a billing address does not match the shipping address, it is possible that the customer placed the order on behalf of someone else in a different location. In this case, reaching out to the customer to verify that they have a connection to the billing address can help you judge the situation.

Figure 1: Billing and Delivery Address Match ✅
Figure 2: Billing and Delivery Address Mismatch⚠️

2. Series of orders to same address

Another common pattern we've seen is when a customer places a series of orders within short intervals to the same address. In this situation, the first order is usually a litmus test of the online payment platform. Once successful, the perpetrator proceeds to make a series of transactions until the payment instrument is declined. With this pattern, the orders are usually small to avoid suspicion so it's easier to miss for stores with high volume of transactions.

3. Unusually large orders

Uncommonly large orders can also be an indication that the payment transaction is fraudulent. While this is not always the case, it is a good idea to verify the information provided with the customer before fulfilling such orders. Terminal will now flag orders that are significantly larger than the average transaction rate.

4. Customer location does not match billing location

When the location of the customer does not match the billing location, it could be an indication of a potentially fraudulent payment. Later this month, Terminal will help you detect this pattern by displaying the location of the device where the order was placed. If the distance between the two locations is significant, then it's also an indication that the payment could be fraudulent.

Validating Suspicious Payments

When you suspect a payment is fraudulent, the next step for you is to validate the information provided in the order. Payment validation of can be done in a number of ways:

  1. The best way to validate a suspicious payment is usually by contacting the customer to ask about the order. Sometimes a credit card thief will give the actual cardholder’s phone number and other times, it will go to a disconnected number. In any case, communicating with the customer can help you make a make a final decision.
  2. If the conversation with the customer is not satisfactory, you can request that the customer provide documentation e.g. a copy of the customers identification or a recent bank statement for their bank account. This information can be used to verify the customer's identity as well as ensure the customer has a connection to the billing address provided. Fraudsters are usually hesitant about providing personal information, so if there's any hesitation or reluctance to comply, you should refund the order immediately.
  3. Finally, you can do a Google maps search of the shipping address provided to make sure it is not a UPS store or other parcel forwarding service.

Best Practices for Preventing Fraud

Even after taking the above measures to verify a payment, it's possible that you're still not convinced a payment is valid. In situations like this, the best practices below can help you make a final decision.

  1. Refund any payments you suspect are fraudulent as soon as possible. You reserve the right to cancel an order so if you're not convinced that a payment is valid, simply refund the order. In the Dashboard, select the order and click refund payment.
  2. Consider instituting a 24-48 hour shipping delay for high-value orders or shipments to non-verified addresses or first-time customers. This policy can also help automated systems like Radar detect fraudulent payments that were missed at the time of payment.
  3. Contacting customers by phone or e-mail to confirm their details before fulfilling an order can give you time to verify if a payment is legitimate. Contact information that doesn’t belong to the customer or fails to work may indicate a fraudulent payment. A nonsensical or evasive answer is also a typically a good indication of potentially fraudulent behavior. Keep in mind that even phone or email responses cannot guarantee that the person responding is the true cardholder.

That's all from us on detecting fraudulent payments with Terminal. If you have more questions, suggestions or are interested in learning more, shoot our team an email at

Stay Vigilant! 🕵🏽️