How can I prevent fraud while respecting customers' privacy?
As an ecommerce merchant, I want to protect my business from fraud while respecting customers privacy. However, the same tools our customers use for privacy (VPNs, Privacy Respecting Email Services, PO Boxes, etc) are the same tools used by fraudsters. What can I do to strike a balance between preventing fraud and respecting customers' privacy?
Can you enforce 3D-Secure for those high-risk users? This would allow you to shift liability to the issuing bank so that you don't have to do invasive fraud checks/tracking yourself.