Limitations of AVS: Why There’s No “Silver Bullet” That Can Stop All CNP Fraud
Let’s be clear: While AVS is a core weapon in your fraud-fighting arsenal, you shouldn’t rely on it exclusively.
AVS has critical limitations — from gaps in international bank support to its inability to stop sophisticated fraudsters — that can leave you vulnerable to attacks. So, while we talked about what AVS can do in the last chapter, we’re now gonna pull back the curtain on what AVS can’t do.
AVS codes are designed to provide guidelines… not absolute answers.
One of the main limitations of a system that only analyzes numerals is that it affords a lot of room for interpretation. When users provide a billing address at check-out, they're most likely operating from memory. No one is stopping to look up the exact address they gave the bank when applying for the card.
Maybe they put down their apartment number, maybe not. Maybe they used their 9-digit ZIP code. They could even mistype, hitting 0 instead of 9. There are several minor variables that wouldn't actually change the billing address, but might prevent an exact AVS match.
There are other shortcomings to consider here as well. For instance:
It’s Not Free
The card networks assess a fee for AVS services. AVS fees are applied per transaction and are relatively small; Mastercard, for instance, charges $0.01 for card-not-present charges and $0.05 for card-present charges. So, while it’s certainly not a massive cost, it is worth noting that you do have to pay for the privilege of using AVS, whether it stops fraud or not.
Fraud is Changing
Credit card information is often stolen in huge data breaches, then sold in bundles on illicit websites. If a fraudster has access to a stolen card number, they may have the customer’s name and address as well. This would render AVS essentially useless. The tool can tell if the purchaser knows the card’s correct billing address, but it can’t guarantee that the purchaser is the actual cardholder.
Fraudsters Have Gotten Smarter
Fraudsters have gotten better at understanding the system’s limitations, such as its sole focus on numeric data. If the street number and the ZIP code match, for example, AVS will consider it good, even if the name and street are completely different. Fraudsters can also afford to think long-term, as in the case of bust-out fraud. AVS could never catch these fraudsters.
The Market is Global
Currently, AVS operates in the US, the UK, and Canada. However, eCommerce has made ordering from anywhere simple and convenient. As we mentioned above, one of the codes an AVS search could return is “International,” meaning the buyer is in a country not supported by AVS. If any percentage of your business is coming from other countries, AVS alone won’t be much help.
False Declines
There are many legitimate reasons why a given address might not match whatever address the bank has on file. For example, a customer may forget to update their mailing address after a move. Being too lax in reviewing questionable transactions can leave you vulnerable to fraud, but being too aggressive with “risky” transactions is bound to yield false positives.
Loss of Trust
False positives cause frustration and inconvenience for the customer. The industry refers to this phenomenon as the “customer insult rate,” which is a measure of how many customers are negatively impacted by a decline. If this rate climbs too high, your business could run the risk of long-term reputation damage.
Only Verifies Numeric Data
As mentioned earlier, one limitation of AVS is that it relies on shortcuts to check addresses. By comparing street numbers and ZIP codes only, AVS tools may inadvertently produce false positives or negatives. More fundamentally, an address check is ultimately just a stand-in for what you really want to authenticate, which is the buyer’s identity.
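To make the numeric-only comparison concrete, here is an added example (not code from this article or from any card network) that models AVS as a comparison of the leading street number and the 5-digit ZIP. The function names, result labels and sample addresses are constructed for illustration, and real issuer matching logic varies.

```python
import re

def street_number(address_line: str) -> str:
    """Leading run of digits in the street line ('' if there is none)."""
    m = re.match(r"\s*(\d+)", address_line)
    return m.group(1) if m else ""

def zip5(postal: str) -> str:
    """First five digits of a US ZIP, ignoring any ZIP+4 suffix or punctuation."""
    return re.sub(r"\D", "", postal)[:5]

def avs_numeric_check(on_file: dict, entered: dict) -> str:
    """Simplified model: only the street number and 5-digit ZIP are compared.
    Name, street name and unit number are never looked at."""
    a, b = street_number(on_file["street"]), street_number(entered["street"])
    street_ok = a != "" and a == b
    z1, z2 = zip5(on_file["zip"]), zip5(entered["zip"])
    zip_ok = len(z1) == 5 and z1 == z2
    labels = {(True, True): "full_match", (True, False): "street_only",
              (False, True): "zip_only", (False, False): "no_match"}
    return labels[(street_ok, zip_ok)]

# Constructed sample data: the address the issuer holds for the card.
ON_FILE = {"name": "Jane Doe", "street": "1209 Maple Ave Apt 4", "zip": "30301"}

# Constructed checkout entries covering the cases discussed in the text.
CASES = {
    # Real cardholder, typed from memory: no unit, 9-digit ZIP.
    "cardholder_zip_plus4": {"name": "Jane Doe", "street": "1209 Maple Avenue", "zip": "30301-1234"},
    # Real cardholder, hit 9 instead of 0 in the ZIP.
    "cardholder_typo": {"name": "Jane Doe", "street": "1209 Maple Ave", "zip": "39301"},
    # Real cardholder who moved and has not updated the bank.
    "cardholder_moved": {"name": "Jane Doe", "street": "77 Oak St", "zip": "30318"},
    # Different name and street, but the same two numbers.
    "different_identity_same_numbers": {"name": "Someone Else", "street": "1209 Birch Blvd", "zip": "30301"},
}

def evaluate() -> dict:
    """Run every constructed case against the address on file."""
    return {label: avs_numeric_check(ON_FILE, entry) for label, entry in CASES.items()}

if __name__ == "__main__":
    for label, result in evaluate().items():
        print(f"{label:34s} {result}")
```

The two legitimate-customer cases that return a partial or no match are the false-decline risk, and the full match on a different name and street is why the AVS result should be one input to a risk decision rather than the decision itself.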
Doesn't Prevent All Fraud Types
AVS isn’t a cure-all for fraud. For example, it’s powerless against chargeback fraud, as it’s committed by otherwise legitimate customers who obviously know their own billing addresses. It also can’t prevent return fraud or any other type of post-transaction first-party fraud, since these scams are likewise perpetrated by authorized users who know their billing addresses.