Ask HN: How does Basecamp accept CCs without billing address?
Example: https://signup.37signals.com/basecamp/Premium/signup/new?source=basecamphq.com
I thought the customer ALWAYS had to give a billing address on top of their Credit Card to prevent fraud charges.
How does Basecamp charge with no address?
9 comments
[ 10.5 ms ] story [ 48.8 ms ] threadThe only two NECESSARY pieces of data are the CC number and the expiration date. ZIP code drops some of the risk, and, accordingly, drops a fraction off the percent you're charged by the processor.
On the web app we're about to launch, we only have the number and the expiration date. I'm hoping to get my act together to do some A/B tests, but we're going into it assuming that we'll do better with fewer fields to fill out.
Collecting a billing address or not doesn't do much to stem fraud when you're not shipping anything physical. Unless you're going to have your customers sign and mail/fax written authorization, you're going to have a hard time disputing chargebacks regardless.
It is easier to see the thief's risk/reward proposition when ordering a large screen TV with a stolen card than then signing up for a $50\month service. There as soon as you are discovered you loose access to the data that was the whole point anyway.
Not sure how Brain Tree handles that thing.
37Signals, and OrangeSlyce (my company) use Braintree which provides a VERY innovate solution called "Transparent Redirect". It allows you to accept credit cards directly on your site, with your domain, but the form posts directly to Braintree, and transparently redirects back to your site so the customer never leaves your domain. It's very cool stuff and I don't know of any other merchants that offer this.
Most importantly, the CC data never even enters your environment.