E-Commerce Check-out Form Guidelines

When a customer has made his or her selection and is ready to place an order on an e-commerce website, the check-out payment information form should be designed to collect all data that is needed to enable the merchant to validate that both the card and the cardholder are genuine and to decide whether or not to proceed with the processing of the transaction.

In order to limit your risk exposure and the potential losses associated with it, you should define the data fields that will help you identify high-risk transactions, and require that customers complete these fields before making a purchase.

• Key data fields you should require in your check-out information form:
  • Telephone number. If a transaction is identified as high-risk, you can validate the phone number using reverse directories.
  • Email address. Anonymous email services typically present higher risk.
  • Cardholder name and billing address. As with telephone numbers, the cardholder’s name and billing address can be validated using directory look-up services when needed.
  • Shipping name and address. If the shipping name and address are different from the billing information, the transaction’s risk level raises substantially. Some merchants have decided not to accept orders where the shipping information does not match the billing data.
  • Card Security Codes (CVV2, CVC 2 and CID). Card security codes are the three-digit numbers found in the signature panels on the back of Visa, MasterCard and Discover cards and the four-digit numbers found slightly above and to the right of the account numbers of American Express cards. These numbers were introduced to help e-commerce and mail order and telephone order (MO / TO) merchants verify that their customers are in a physical possession of their cards at the time of the transaction. You should attempt to review, rather than automatically decline, mismatches when no other risk characteristics are present.
• Indicate which data fields your customers must complete. Once you have decided which data fields should be required in your order check-out forms, you should indicate that they must be completed before the form is submitted. You can use color to highlight them or bold fonts, or asterisks to achieve that. You should also provide an explanatory note to your customers, informing them that the highlighted fields are mandatory.
• Verify required data and allow editing in real time to reduce risk exposure. In particular, consider implementing the following procedures:
  • Instantly notify your customers when required data fields are incorrect or incomplete.
  • Ask your customer to correct the data he or she provided if it was not complete or submitted in the required format.
  • When requesting that your customer returns to the form and make corrections, identify the fields that require completion or correction. Again you can use color to highlight them or bold fonts, or asterisks to do that.
  • When corrections are required, allow your customer to fill out the incomplete or omitted fields while retaining the previously entered information. Customers are easily (and justifiably) annoyed when they are sent back to the payment form and have to fill it out all over again, just because they missed a single field.

Image credit: Usscospeaks.com.