Skip to content

All about AVS: The imperfect credit card fraud detection tool

Join our mailing list

Signifyd regularly publishes free reports packed with business insights, commerce trends and data from our massive Commerce Network. We’ll only email when we have something meaningful to share, no more than once per week. And of course you can unsubscribe any time.

Key points

  • Address Verification Service (AVS) is one tool merchants can use to detect suspicious credit card transactions and prevent credit card fraud.
  • As fraud evolves and becomes more complex, an integrated fraud strategy using multiple data points is the best defense.
  • Ecommerce leaders should understand AVS limitations for cross-border retail.

Data is one of the best tools that retail leaders have at their disposal. The personal data gathered from orders, user profiles and payments reveal a lot about the customers you’re trying to reach. But don’t overlook the business intelligence from orders and payments. Information points like Address Verification Service (AVS) codes can help you streamline your enterprise fraud management and order review processes. 

In this short series of articles, we’re sharing insights into what AVS is and how this type of data can help produce more accurate fraud decisions.

How AVS codes help determine order approval and fraud detection

The Address Verification Service (AVS) is a tool provided by credit card processors and merchants’ issuing banks that can help detect suspicious credit card transactions and prevent credit card fraud. 

It’s just one of the many data points for ecommerce merchants to consider for fraud protection. As credit card transactions continue to dominate in retail payments, AVS is widely used by many major credit card companies. 

AVS checks help merchants fight fraud on each order by comparing the shopper’s billing address with the cardholder’s billing address on record at the card-issuing bank. The credit card processor sends a response code back to the merchant with data that indicates the degree of address matching. That code helps determine which credit card transactions may be accepted or declined.

This type of automated fraud checking is a huge help for ecommerce merchants, as it removes the need to manually review every credit card transaction to determine if the billing and shipping addresses match up. It’s a lightning-fast decision that the consumer never sees, so their shopping experience can continue without interruptions. 

Here are a few of the most common AVS codes and their decision meanings:

Good Bad
US/UK/Canada Y, X, W, Z, A, 3 G, N, R, U, S, E
International D, M, B, P, F C, I

For specifics on what each code means, consult our Fraud 101 page here.

Why AVS alone isn’t enough to prevent fraud

Ecommerce merchants need all the help they can get when fighting fraud. A Bank Info Security article published in January stated that card-not-present fraud is projected to grow 14% between now and 2023. While AVS eases the burden of manual review on ecommerce orders, it’s far from a rock-solid solution.

One drawback of AVS comes directly from its origins. Since it was created by Mastercard and grew to be widely used by other credit card associations like Visa and American Express, the card associations dictate the transaction rules that banks must adhere to if they want to participate in the network and issue association branded cards. Likely, it means that rules and policies that put the card associations’ best interests first — and may not consider the ecommerce merchants’ needs for fraud protection at all.

The position merchants find themselves in when it comes to AVS is not unlike what they face with chargebacks: a common problem for both card associations and merchants. Both assume significant risk when a customer tries to file a claim to get their money back for a purchase that they claim never arrived or wasn’t what they ordered. Shipping and inventory responsibilities fall to the merchant, not the card associations. And yet, it’s the card associations dictating the circumstances in which a merchant can contest a chargeback. For certain kinds of chargebacks, a merchant may not have representment rights at all, and possibly be forced to accept the chargeback.

A major flaw of AVS is that it’s only used for transactions in a few countries. As you read on our table earlier in the article, the United States, Canada and the United Kingdom use the same set of codes while other countries share a different set of codes. AVS isn’t as widely used outside of the U.S./Canada/UK group, and it’s not clear which countries are included in the international group.

Data opens a dialogue about your ecommerce operations

AVS can’t do it all in ecommerce fraud protection. At best, the verification system can start a dialogue on the orders that need further investigation. Ecommerce leaders can become more empowered when they have access to more business intelligence about their retail operations. 

In the next edition of our deep dive on AVS, we’ll take a look at why AVS shouldn’t be the only data point driving your fraud detection processes. We’re also sharing how other credit card payment authorization data works with AVS to improve fraud decisioning for better order approval rates — like CVV. Finally, we’ll drill down into the limitations of AVS in helping retail leaders make more informed choices for their fraud management strategies. 

Photo courtesy of iStockPhoto

Chris Martinez

Chris Martinez

Chris is a content strategist at Signifyd.