But this is software as a service -- if fraud is detected 48 hours later, it seems like Adobe should just be able to disable the user's access at that time. They didn't lose anything by letting the user use Photoshop for two days.
> They didn't lose anything by letting the user use Photoshop for two days.
But they did. If they don't catch the fraud before capturing the funds, then they'll find out about it when the real card holder charges back the unauthorized payment. Now they:
1) Lose the $10-25 chargeback fee.
2) Risk their ability to accept Visa and MasterCard cards at all if their chargeback rate exceeds 1% for multiple months.
The harm of payment fraud is not the lost product or service. Payment fraud is a direct threat to the very existence of an eCommerce business; the ability to accept payments from customers. If your merchant account is terminated for too many chargebacks, your company and all its principles are added to the MATCH/TMF (Terminated Merchant File) lists which all banks/issuers must consult before opening an account. They're essentially banned from accepting credit cards for life, for that business or any future venture.
Considering Adobe's software has historically been among the most pirated, I wouldn't be surprised if they have a significant number of people trying to buy it with stolen card numbers. Brand new phished CC#s can sell for just $1-2, the software's worth $500-1000... I imagine if they didn't have some serious mitigation effort in place they'd already be out of business.
Then why can't Adobe send a key, wait to verify 24 hours and then if it's fraudulent then take the money out 24-48 hours later.
It means the user would get to use the program for 24 hours if they ARE fraudulent but then they can de-authorise the key.
Seems like an easy way to provide a good service to the customer and alleviates the problems with fraud to the same level they have now.
Also keep in mind that this is a pretty expensive software package, so I would think they should have a team that works on this.
