Recently I’ve run into a couple issues with stolen credit cards being used on my site.  There are a lot of things you can do to prevent it in the first place, for example only allowing the billing/shipping address to match.  Unfortunately this is an unreasonable thing to do as many people order things and have them shipped to friends/family as gifts, work, etc.  It most likely wouldn’t be worth the money lost in having this policy.

While there is unfortunately no fool proof method, there’s quite a bit of research you can do, especially for US orders.  Here’s some of the stuff I’ve done, please feel free to comment with further ideas or anything else that you may do.

• Make sure the AVS code is a match.  You can see what all the codes mean here.  I can’t think of any instance other than human error why the AVS code should not match.  For those that don’t know generally having the AVS code helps prove that the customer has the actual card in-hand.
• If a billing/shipping address are a match I feel that you are pretty safe to ship an order without worrying about fraud.
• Call the customer if you have any concerns.  While somebody using a stolen credit card may lie on the phone, you may be able to catch something.  Sometimes they even use the billing phone #, so you’ll end up calling the actual person that owns the stolen credit card and you’ll find out right away when they have no idea that something was ordered from you.
• Google the e-mail address with quotes around it.  Something may turn up that shows you it’s the person that actually ordered.
• Google the billing and shipping address and see what comes up.  Street view on Google Maps is a great feature.  While it may seem somewhat shallow, when you have a billing address which shows some sort of nice huge house, and a shipping address that shows a crappy looking house…that should raise a flag.
• Google the name with quotes around it.  You may have to add the state or city name into the query if it’s a common name.
• Search the name and e-mail address on sites like Facebook, LinkedIn, MySpace, etc.
• If the e-mail is something that looks like a screenname, Google that portion.  For example if an order is placed under something like mrpowerman2738@yahoo.com, search “mrpowerman2738″.  They may use this name on things like forums or anything else that may help link the order validity.
• Use a site like IP-Lookup to get information on the IP.  This can help make sure that the billing or shipping location is the same as the IP.  Have an order going to Nebraska, but the IP is from Croatia?  That’s a red flag to do some research before sending out an order.
• Sometimes you end up calling a mail forwarding company that international customers use to forward shipments to their country.  This is fairly common from what we’ve seen, but also has a potential for fraud. You can speak with the company and have them either look up the suite # or the name and verify that the information is correct.  Sometimes you can even make sure the last 4 digits of the credit card match when they opened up the freight forwarding account.  Companies like Bongo do a security check before accepting customers to open an account with them, so they can verify the validity of an order.

Of course none of the above can guarantee you won’t have issues, but if something seems fishy you’ll at least have some steps you can take to help verify an order.  Generally if something seems too fishy, I’ll contact the customer and tell them we’ll need another form of payment like a wire transfer.  You take the risk of losing a sale by doing this, but you also stop the potential for sending out an order and not getting it back while losing the money on a chargeback.  Just explain to the customer that you’ve had problems with credit card fraud and because of certain reasons their order raised a flag.  Alternatively I’ve even had customers scan in their drivers license with the billing address.

I’m sure there may be some better methods out there, so I’d love to hear your feedback.  How does a company like Amazon help defeat fraudulent orders when they do so many transactions per day?

My next post will be about what happens if the product has already been shipped and you find out it was ordered with a stolen credit card.  What can you do about it?  Stay tuned!

What Is MAP?

MAP stands for minimum advertised price.  Essentially it’s something that manufacturers can use to enforce their sellers to not advertise their product for a price lower than X amount of dollars.  For example if I am a manufacturer that makes a cell phone, and I have three different stores that sell it.  I can set MAP pricing to $199.99, meaning none of those stores can publicly advertise the phone for less than $199.99.   The Supreme Court has said that utilizing a MAP is legal and does not represent a violation of U.S. antitrust statutes.

How Does MAP Benefit Both Parties?

As long as MAP is strictly enforced, it can be extremely beneficial in my opinion for both the manufacturer and seller.  Lets look at some of the reasons:

• By maintaining a higher price point, the product retains its value, which in turn is better for the brand image behind it.
• Enforcing a MAP can allow some of the small business players to compete with the big guys.  For example, if I have a widget that is being sold under a MAP at Mom & Pop Shop as well as Wal Mart…we both know that Wal Mart has the upper hand in terms of purchasing quantity.  Generally increasing quantity purchase means they can also get a lower price, and then use that buying power to lower the retail price, therefore not giving Mom & Pop Shop a chance to even touch the pricing.  If MAP is enforced, both Mom & Pop Shop as well as Wal Mart would sell for the same price, even if Wal Mart may be paying less per widget.  This gives everybody a chance to compete, but as a benefit to Wal Mart for buying more, they make more profit per sale.
• Price wars will not occur between your sellers, which drives pricing down.  We’ve seen this first-hand, especially in marketplaces like eBay.  10 different sellers on eBay trying to sell a product can turn a profit that was once a healthy margin into literally pennies on the sale.  Sure, this is great for the consumer in terms of price, but imagine the customer service and company behind a sale where they make practically nothing and are hoping for sheer volume just to make a few bucks.  More than likely you are going to get treated like shit, or there will be other negative things like aggressive upsells, selling your information, etc.  Remember, everything comes at a cost.
• By making all sellers follow the same retail pricing, sellers will need to come up with more creative ways of promoting and selling a product aside from simply marking the price down.  With the higher margins that everybody can make on the product, it will allow for budgets to do such things like offer better customer service.  This again can become a significant method of positive brand image reinforcement for the manufacturer that just wouldn’t happen any other way.
• By maintaining a MAP, and ensuring their distributors are holding their resellers to a MAP policy, it allows room for wholesale pricing to work.  I can’t tell you how many times I’ve seen a wholesale price, while I could literally find a seller selling for less than that.  The whole business structure behind reselling and wholesale just doesn’t work if pricing isn’t properly enforced.

As I mentioned above, all of the benefits can only be had if the manufacturer (and wholesale distributors) were to ensure that the MAP policy was strictly enforced.  It takes just one seller adjusting their price by 5 cents with no reprecautions from the manufacturer to mess things up.  It’s vital for the manufacturer to not play “favorites” with their bigger sellers.  Manufacturers as a penalty should threaten to freeze sales for a seller if it is found violating MAP, or even go as far as taking legal action against the seller.

Other Concerns and Problems and Notes

There are certain workarounds and situations that should be of concern.

• It’s much easier for a distributor or wholesaler to not adhere to MAP policy for their resellers.  For example if I am the manufacturer, I sell to a wholesaler, who in turn sells to a store.  As a manufacturer you would need to be adamant about ensuring your distributors are adhering to policy for the stores they are reselling to.  If you find a store selling below MAP, find out who the distributor is if it’s not direct, and threaten the distributor.
• There are workarounds for getting around an advertised price.  For example I’m sure you’ve seen sites like Amazon who do things like “Click here to see the price in your shopping cart”.  This is a way for sellers to somewhat get around pricing.
• If you look at it from the manufacturer standpoint, they make the same amount of money regardless of whether or not the seller is making high margins, or pennies on the dollar…they are still buying the product for the same price from you.  So it’s easy for them to not care as long as somebody is buying the product.  They should consider the different factors up-front and if they want to set a MAP policy, be sure to adhere to it going forward.

Your Thoughts & Opinions

I’d like to openly ask both store owners as well as manufacturers to respond in the comments (feel free to do so anonymously) about what your thoughts and experiences are.  Am I out of line here?  I can see that this may be less concern in a brick-n-mortar outlet, but online I believe it’s extremely crucial.  Are there other advantages and disadvantages I haven’t thought of?

Yesterday I got an e-mail from somebody saying that they had gone to my site and their anti-virus software popped up a message saying their was a trojan. I didn’t see anything on the site, so I asked them to send me a screenshot of the error. Once I saw the screenshot, I saw a call being made to a data.js file, which is not something that I would make a call for or uploaded in that location. I checked the site in IE, and sure enough there was the call. Somebody had been able to get it on the server and create that file. I had been compromised.

The first thing I did was rename the file and check through the rest of the site to ensure nothing had gone into affect or been messed with. I seemed to have gotten lucky here. I called my host to see what steps can be taken. They told me to delete the file and follow all steps here which was extremely helpful.

You can go through the above document if you run into the same issue, but I’ll give a high-level overview of the two most important things to do.

Change ALL Passwords

I went through and changed all of my passwords. Think of everything you have passwords for, and change them. Make sure to use strong passwords (mix of upper and lowercase, numbers, and symbols). I changed everything from my host dashboard password, to database passwords, to username passwords (ex: Wordpress), etc. You have to assume that if your server was compromised, they have your passwords. Changing them will lock them out.

Back Everything Up

I created an archive of my entire web folder and databases. Make sure you always have backups. This is a given, but the event was an eye opener of a reminder.

I got lucky that nothing worse occurred and that somebody brought this to my attention in time. To help prevent this, change your passwords and backup your data often.

When I was first setting up an actual store for Carbon Fiber Gear, I went to Amazon to see what I could do about selling some of the unique products I was carrying on their catalog.  I found that they have a Seller Central program, where you pay $40/month and a tremendous 15% transaction fee (albeit – it does include the ~3% credit card transaction fees) to be able to sell your products on their store.

I thought it would be a great opportunity not only for me to get my products out there, but also for Amazon, since there was a decent number of products that weren’t on their store…and I have the mindset that Amazon wants to sell everything possible.

So I signed up to see how it would go.  While I wasn’t selling a ton of things through Amazon (in fact there were probably months I lost money), it was still ok enough for me to keep going.  My problem comes down to the fact that I ended up getting a few bad feedback, that were all promptly resolved…yet Amazon still decided to close my account down due to it.  Lets run through the what happened, and the 4 pieces of bad feedback I got out of the close to 100 transactions we made:

1. Customer orders a wallet late on 12/13.  It ships on 12/16 via USPS Priority Mail.  Without contacting us, she leaves a 1 (1 is the worst and 5 is the best) feedback rating because the product didn’t arrive.  Two days after she leaves her feedback, the product arrives.  She does not change her feedback, and we provide a seller response stating what happened.
2. Customer orders a iPhone case, it was damaged in shipping.  Customer leaves us a 1 rating feedback, and then contacts us for a resolution.  We of course offer to accept the product back for a replacement, unfortunately things sometimes get damaged in shipping, and it’s outside of our control.  The only thing we can do is offer the best customer service.  We never hear from customer, customer never changes feedback.
3. Customer orders a license plate frame.  It also ended up being damaged in shipping, and without contacting us, leaves us bad feedback.  We found out that we accidentally sent a prototype version of the frame that was prone to the backing falling off…the production version completely resolved this issue.  Without ever contacting the customer, or them contacting us, we sent him two of the new frames, along with a carbon fiber keychain, and a personal note explaining the situation.  The customer gets in touch with us, thanks us for everything we did, was happy with the new product, and goes back to Amazon to modify his rating and feedback.  That update I’ve yet to see in Amazon’s system.
4. Customer orders a carbon fiber money clip that ended up having a few minor imperfections in it from the manufacturer.  He leaves bad feedback, but does not contact us.  We get in touch with him, send him a replacement that we made sure was perfect, he is happy with the new product, and he updates his feedback and rating on Amazon.  We have not seen this get updated in Amazon’s system either.

Then there are 3 feedbacks that are perfect 5’s.  So out of close to 100 orders, we get 3 perfect ratings, 4 bad ratings – 2 of which were changed to perfects and 2 of which there was nothing else we could have done to try and fix the situation.  From my perspective we’ve offered the best possible customer service we could, we’ve sent feedback to the manufacturers we work with to ensure their products are perfect and they take the feedback we send them to heart.

Yet, even explaining each situation Amazon still closed our account…permanently…and forever, and we were told via e-mail…we were not given an opportunity to speak to anybody in person.  The response we got was:

Thank you for writing. We have considered your request for reinstatement and decided that your account will remain blocked.

A seller’s negative feedback, refunds and claims reflect a seller’s overall performance. High rates of these criteria generally indicate that buyers are experiencing unsatisfactory transactions.

Even though in reality everything we did was ok, and we didn’t happen to have the other 93 or so customers leave good feedback…so it looked like percentages of bad feedback was extremely high compared to good (4 to 3)…and it wasn’t even put into consideration that two of those had changed their feedback, even though I don’t see an update on Amazon’s side.

It just really sucks from our perspective, I was hoping to develop a great relationship with Amazon as we continued to grow…not only in sales, but also in the uniqueness of our products on their store.  I was extremely displeased with the sort of canned responses we were getting.  I mean we’re paying $40/month and we were giving them 15% of our sales, the least we could ask for is the opportunity to speak with a human.  I hope this isn’t an indication of where Amazon is moving as a company.

Anyways, that’s that, and so we close that chapter.  It’s also a reminder to not put all of your eggs in one basket, because you never know what can happen.  Running a business is a constant rollercoaster of ups and downs, unfortunately this was a big down!

As many of you know, I launched Carbon Fiber Gear back in December of 2007.  For over a year it stood fairly stagnant, not really getting much attention or updates from me, and then I started to take it pretty seriously.  So how has it grown in that amount of time?

It’s not the biggest site in the world, but it has been growing pretty rapidly lately, and I haven’t had one month where the amount of search engine traffic hasn’t grown.  The site has been ranked on Google’s first page for the term “carbon fiber” which has definitely helped things move along.

With the site I’ve tried to have at minimum 2 new posts per week on the editorial schedule.  That way my readers know to expect new content.  This has surely helped drive traffic, and gain more SE visibibility.  Take a look at this chart which shows the amount of traffic from search engines on a monthly basis since the site started:

Lately, I’ve been seeing a good 15-20% growth per month.  When the numbers are starting to get this high (20,000 uniques/month), it’s really starting to make a huge difference on the bottom line.

To help capitalize on this newfounded traffic, I’ve recently redesigned the site to better promote older content (since the content mostly is not time sensitive), as well as promote other sections of the site (like our store).  In turn I’ve found that our pageviews per visitor has gone up, and our bounce rate has come down.  Huge wins!

My main point of this post is that while I’m nowhere near the amount of traffic I’d like to ultimately bring to the site, they are decent numbers…but look at how much time it took to get there.  Don’t give up if you don’t see results over night.  It takes time to build up a site and really generate a loyal userbase, if you keep pumping out good content, things will happen.

All credit for this goes to hongkiat.com, I’m simply re-posting because I find this to be extremely useful, and like to note stuff like this on my own blog.

Although recognizable, the Feedburner chicklet that displays the number of subscribers is ehh.  I’d much rather be able to stylize the number itself and fit it into my own design.  Wouldn’t it be nice if you can pull the number out of the chicklet and do whatever you want?  You can, and it’s extremely easy!  You can see I just implemented this on the sidebar on Carbon Fiber Gear:

Of course that number can be styled however you want it using CSS.  So how do you get it?  Simply put this code somewhere in your Wordpress template (Mine is in sidebar.php), and make sure to replace the “feedburnerid” with your ID in the $whaturl line:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

<?
	//get cool feedburner count
	$whaturl="http://api.feedburner.com/awareness/1.0/GetFeedData?uri=feedburnerid";
 
	//Initialize the Curl session
	$ch = curl_init();
 
	//Set curl to return the data instead of printing it to the browser.
	curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
 
	//Set the URL
	curl_setopt($ch, CURLOPT_URL, $whaturl);
 
	//Execute the fetch
	$data = curl_exec($ch);
 
	//Close the connection
	curl_close($ch);
	$xml = new SimpleXMLElement($data);
	$fb = $xml->feed->entry['circulation'];
	//end get cool feedburner count
 
	// Use $fb to print out the number of subscribers
	echo 'Join the <i>' . $fb . '</i> subscribers';
?>

You’ll need to make sure the feed count service is activated. To do that, login to your Feedburner account, hit the “Publicize” tab, and then go to to Feed Count. On this page you’ll need to activate the service. There you have it!

I had been following the development pictures of the next generation Nissan Z for years, and finally official information was released.  The car looked promising in pictures, but I wasn’t 100% sure…I had to see it in person.  Luckily, Nissan’s Follow The Z Tour came by my neck of the hoods and gave me the opportunity to see the car in person.  Like the new Maxima, when pictures were released I was somewhat weary about how it would look in person.  When I finally saw it, I thought it was drop dead gorgeous, 100 times better than the media circulating around.  I was hoping the new Z would be the same.

After seeing the new 370Z, I can honestly say that I’m not dissapointed.  I didn’t get the same “oh my god” reaction I got with the Maxima, but it does look much better in person than in pictures.  It gives off a much more aggressive look with it’s edgier lines than previous models, something I really love about it.  The new headlights are to die for, and the car just looks all around cleaner.  The interior has been hugely improved, and there is a lot more cargo space due to no more rear strut bar in the way.

There were two models at the event, a blue and yellow.  I obvioulsy was only able to look at the cars, but I’d be dying to drive one around for a bit and see how it has improved (hint hint Nissan )

Nissan did a really nice job with the car, it has already grown on me tenfold from first seeing it.  I look forward to getting behind the wheel of one in the near future and giving my opinion of that as well.  Here’s a little video I did from the event, also, to see all the pictures (including in high-res) see the flickr set here.

I received an e-mail from Amazon today with a really cool promotion that they’re doing called Customers Vote. Basically it allows you to vote on a total of 6 different rounds deals on products at pretty ridiculous prices (ex: the first week has PS3 bundles starting at $199 instead of a list price of $574+). Each round has 3 different deals that you can choose from.

Each round of deals is tied to a specific day, so the PS3 stuff is for the first day which is November 27th (Thursday – Thanksgiving). If you get randomly selected, you’ll see an e-mail the day before letting you know. That means you should then login early on Thursday as you’ll have the opportunity to buy the product. Keep in mind that there are going to be a lot more participants selected than products available, to it is a race to try and buy first. There are a good number of products though, for example there are going to be 500 of the PS3’s.

This is somewhat familiar to Amex’s My Wishlist, but I actually like the way it works better. Generally for those doing Amex’s My Wishlist, the servers always get pounded, and a majority of the time the site goes down…pretty annoying. By Amazon pre-selecting the participants, I’m sure a big part of the reasoning behind that is to limit how many people are hitting the site. This way there should be no server issues, and you’ll know from the get go whether you’re too late or not.

This is a great promotion from Amazon for a few reasons:

• It’s a cool promotion, hey, it got me writing about it
• It will get people onto the site and looking at products. Amazon is known to have a very high conversion of visitors:buy ratio. Getting visitors to the site is the main step.
• The promotion page links to the products they are selling at a discount. This helps the conversion:buy process, and should help generate some sales simple for awareness factor.
• They are not giving the products away. A PS3 bundle which they normally sell for $574 is being sold for $199, which means they aren’t giving away their true cost. If they were to give these bundles away it would be $287,000 worth of product. Let’s say there is a 30% margin on them, they end up giving away $200,900. Instead,? they are charging $199 for 500 units, which is about $100,000. That means they are really only giving away about $100,000 of true dollars…a savings of $100,000.

If you haven’t already done so, get over to the Amazon Customers Vote page, and vote for each of the 6 days to try and get some deals of your own!? If you happen to win, make sure and post in our comments to let us know.

Thanks to Scott, he made me aware of an awesome little piece of software to help do some usability testing on your site. It’s called ClickTale, and it will literally show you a video of what a user is doing on your site, among many other features. I gave it a shot on Carbon Fiber Gear to see what some people were doing on the pages where I was selling products. Wow, I can see where people are moving their mouse, what they’re clicking on, how long they look at each section, etc. It really tells me a lot about how a person uses my site, and allows me to design accordingly. Check out this video that explains the whole thing:

ClickTale has a free package that offers 100 recordings every week (400/month). Simply sign up, place some code in your header and footer, and you’re good to go. Anything over that will cost you…but if your site isn’t very big, it’s more than enough.

Keep in mind there are some privacy concerns regarding this. According to ClickTale’s own terms of service, you’re required to disclose in your privacy agreement that you’re using it.

Give it a shot and let me know what you think. Did you find out anything new about your readers/customers?

I’ve made the official migration for this site from DavidPitlyuk.com to DavePit.com. You’ll see that all URL’s will redirect to the new URL. You’ll also notice that all URL’s are now shorter!? For example the post for the 2009 Nissan 370Z used to be:

http://www.davepit.com/2008/11/17/2009-nissan-370z-first-thoughts/

Now it is:

http://www.davepit.com/2009-nissan-370z-first-thoughts/

The new domain name is part of the migration that I had announced when I launched this new design. My next task will be to work on cleaning up all of the categories, and the posts within them.

For those interested in how I did the migration, in case you are interested in doing the same…I will provide the steps I took:

Backup Files

The easiest/fastest way for me to do this was to login via Telnet/SSH (I use Putty as the software to do this). Go to the directory you need to backup, and then type

tar cvf filename.tar .

This will back everything up in the directory to a .tar file. Simply download that tar file and reupload to your new server. On the new server, you’ll want to untar it by using this command in the same directory:

tar xvf filename.tar .

This will untar all of your files onto the new server. Trust me, doing this is MUCH faster then downloading all of your files via FTP.

Wordpress Configuration

I was doing everything on the same server, so I didn’t have to do anythign with the database. If you are using a different server, you’ll have to backup your database, and then restore it on the new servers database.

Since I was doing everything on the same server, I simply logged into Wordpress, went to settings, and changed the domain names to davepit.com. This changed the database config to the new domain, and automatically started calling the files on the davepit.com domain.

While in the Wordpress admin, I also updated these:

• All In One SEO Tool plugin – Renamed everything as needed
• Sitemaps plugin – Rebuilt the sitemap for the site to map the correct domain

Update Template Files

Go into all of your template files, and make sure to change any references you have from the old domain to the new domain.

Update Old Domain References In Content

You could go through your SQL database files and replace any references of your old domain to your new domain…but an even easier way is to use the search-regex plug found here. The plugin once installed allows you to search for anything in your content and replace it with something else. I simply searched for all the references to images using the old domain, and replaced them with davepit.com. Same thing with links. Now all of your content is calling the right files.

.htaccess Configuration

You’ll want to update your .htacess configuration on both domains to make sure you’re URLs are doing what they are supposed to. To get all of the old url schemas shorter, I added this line (Thanks WPRecipes!):

RedirectMatch 301 /([0-9]+)/([0-9]+)/([0-9]+)/(.*)$ http://www.davepit.com/$4

This will ensure any links that are going to the old URL’s automatically redirect to the new ones. Plus, it will allow the search engines to know the pages have moved, and start indexing the correct new URL’s without punishing me (since there is no page not found errors). While I’m at it, I also set the domain up to always redirect to www.davepit.com, even if you go to just davepit.com. The code for that is below:

Options +FollowSymLinks
RewriteEngine on
RewriteCond %{HTTP_HOST} ^davepit\.com [NC]
RewriteRule ^(.*)$ http://www.davepit.com/$1 [L,R=301]

Now we’ve got DavePit.com all setup…but we want to make sure people that are still going to DavidPitlyuk.com get redirected. Simple!? I setup a .htaccess file on davidpitlyuk.com with the following code:

Redirect 301 / http://www.davepit.com/

Perfect!? Now our URL’s are going to the right places!

Google Webmaster Tools

You’ll want to setup the new domain on Google Webmaster Tools so Google can appropriately crawl and index your content.

Thanks to Mubs from Suffolk Software for some of the help in figuring out the above work.