I'm currently integrating with Stripe [1] to handle subscriptions to a SaaS product.<p>I would like to create a minimal form for collecting credit/debit card details.<p>With respect only to charging a user for a subscription, the details I need are that of the card: card number, expiry date and card verification code. The collection of these fields alone is sufficient for charging a card.<p>I am concerned that the fewer details collected in the payment form, the greater the chance of a given transaction being fraudulent.<p>Instead of collecting cardholder details (name on card, billing address) what measures, preferably technological, can I take to reduce and/or minimise fraud?<p>In other words, what behind-the-scenes, automated measures can I put in place to reduce fraud without having to ask the user for anything other than the credit card number, expiry date and cvc?<p>[1] http://stripe.com/
Credit a small amount to your new customer's account. Then contact them and ask them to tell you the amount. If they stole the credit card they will likely not be able to check account balance and answer your question.<p>Usually fraud is a problem for physical goods or one-off digitals, not recurring services.<p>(PS - Paypal fraud detection is horrible)
Anytime you collect less info, it makes your fraud screen less intelligent. But it is all a balancing act and much more an art than science to keep consumer inconvenience to a minimum while not having more chargebacks than you or your merchant account provider can live with.