At no other time have consumers made such a tremendous shift to digital use and eCommerce. Consumers were already moving towards a more digital life, but recent events created an unprecedented shift towards eCommerce. This increase in digital activity has also led to a remarkable rise in eCommerce fraud. Online merchants have no choice but to prioritize the management of eCommerce fraud.
With consumers’ aggressive move to a virtual shopping world, managing eCommerce fraud is more important than ever.
And as we say, where the money goes, so do the fraudsters. Reports show that during the first quarter of 2020, more than a quarter of all transactions were fraud attempts. This represents a 20% increase over the last three months of 2019. But it’s also the highest attack rate seen by researchers.
Fraudsters are opportunists. They will gravitate toward the easiest way to commit fraud successfully, or to the place least protected. They know businesses are experiencing an increase in traffic but may not yet have teams in place to monitor fraud. Now is the perfect time for them to exploit the opportunity. If your business accepts payments online, then you absolutely must pay attention to fraud prevention and management tactics.
At the same time, consumers expect a fast and convenient buying experience with minimal friction. The challenge for retailers? Keeping the payment transaction as painless as possible for the customer while also verifying their identity and then protecting it.
Fraud tactics are a moving target and cybercriminals are sophisticated. Counteracting fraud is a game of cat and mouse. Each time we create new security measures, cybercriminals find a way around it.
Merchants can't fight fraud alone. eMerchants must create a layered approach to cybersecurity if they’re to effectively reduce eCommerce fraud.
First, merchants need to commit to Best Practices in eCommerce sales. Staff should be taught to recognize fraud tactics used in eCommerce fraud. Online merchants must partner with an experienced merchant account provider that understands the importance of managing online fraud. And, lastly, merchants must implement fraud management strategies and tools and protect against fraud threats attempts.
How much does fraud cost eCommerce merchants each year?
These aren't your garden variety thieves. Today’s online fraudsters are very smart and tech-savvy. They’re able to create and pull off elaborate schemes to get what they want. Whether that be data information or free products.
U.S. retailers incurred a cost of $3.13 for every dollar of fraud committed in 2019. Forecaster Juniper Research estimated retailers could lose up to $130 billion due to card-not-present fraud by the year 2023. And that estimate was made before the recent massive shift to a digital economy.
Many things contribute to the breadth of costs that businesses incur because of fraud. There is the cost of the goods lost as well as the refund to the innocent customer. There are the fees associated with chargebacks and all the labor costs involved in fighting and managing them. But possibly even more detrimental to business is the potential loss of loyal customers.
Businesses that experience a data breach, or large fraudulent event, risk losing their good reputation and customers for life. Customers that have been a victim of fraud often stop using that service and turn to competitors for their needs.
Where is eCommerce fraud most prevalent?
Everywhere, on every type of device, and in many ways. Cybercrime networks operate on a global scale. A recent cyber crime report 2019 found that cyber crime “is operating on a global scale in vast, interconnected networks that are unrestricted by regional, country, or industry borders.”
What we know:
Consumers are using their phones to purchase items now more than ever. Of 19 Billion transactions, 67% were on mobile phones. More than that, 72% were done within an app as opposed to a mobile browser.
Cybercriminals seem to prefer attacking mobile payments and apps. Mobile fraud attacks saw a 56% rate of growth YOY. This is the first time mobile attacks have outpaced that of desktop attacks. Mobile apps saw a 171% growth in attack rate over web browsers.
Ecommerce fraud can entail many types of fraudulent actions. The most obvious being the use of fake or stolen personal or credit card data. We refer to this type of fraud as true fraud. But fraud can come in less obvious forms as well.
Then there is friendly fraud. This is the hardest to accept. Fraudsters are bad, but your own customers? Friendly fraud occurs when a customer mistakenly files a chargeback on a purchase they actually authorized.
One interesting finding from the True Cost of Fraud Study is that eCommerce businesses experience as much friendly fraud as true fraud. The study found that friendly/chargeback fraud accounted for 39% of losses, while 36% was due to true fraud. And for many eMerchants, losses due to friendly fraud outweigh those from malicious fraud.
It just goes to show that it's just as important to manage your chargebacks as it is to fight crime.
How to manage eCommerce fraud and protect your business.
There are several measures a merchant can implement to help reduce fraud. Some will help lower your incidence of friendly fraud and others help reduce true fraud.
First, it's important that your website meets industry best practices for real consumers. Be picky about whom you partner with for your eCommerce merchant services and payment gateway. Lastly, make use of the robust fraud management and prevention tools available to you.
Follow industry Best Practices on your eCommerce website.
- Part of following industry Best Practices is striving to provide superior customer service. Remember, more than a third of your fraud can be attributed to “friendly fraud”, or customer chargebacks. Luckily, there are a few things you can do to help reduce the chance of a chargeback.
- Proudly display your shipping, refund, and return policies as well as your customer service contact information. Make sure that your customers clearly understand what you provide and how to get help.
- Fulfill and ship orders on time and provide customers with tracking information. Keep the communication lines open with your customers. Many times a customer will file a chargeback when an item takes too long to reach them.
- Another thing you can do is take care to ensure your charge statement descriptors match your store name. Businesses tend to use an LLC or other formal name on the credit card charge statement. This can be very confusing for the customer who may not recognize the business name. Many times people will submit a chargeback simply because they don't recognize the charge on their credit card statement.
- Use dual authentication measures for customer account creation. Having customers provide an alternate email or cell phone number can reduce the incidence of fictitious account creation.
Partner with an experienced high-risk merchant service provider.
Experienced high-risk merchant account providers know what solutions will best serve your particular business model. They’ll have experience getting your account approved and provide you with a reasonable rate.
An experienced merchant account provider will already adhere to security standards set by the Payment Card Industry (PCI). This means not only following standard security protocols but also maintaining your annual PCI compliance.
They will provide you with a payment gateway that has a PCI Level 1 certification - the highest certification available.
When accepting payments, applying certain protocols to the transaction helps weed out common fraudulent transactions. For example, you want to always apply the use of CVV and AVS tools. AVS stands for address verification service. This verifies that the billing address matches the cardholder’s address on file with the card issuer. Fraudsters may have a stolen credit card number, but they won’t know the cardholder’s address. With AVS, the merchant can decide to either reject or accept mismatched addresses or flag them for further review.
CVV stands for credit verification value -the 3-digit number on the back of a credit card. This helps determine if the user has the physical card in their hand. Again, fraudsters may have a list of stolen card numbers, but they will not have the 3-digit code.
Requiring this code during a transaction reduces successful fraud attempts. But it goes beyond safety. It can also qualify the transaction for a lower interchange rate, helping to keep your processing costs down. It is not 100% since a physical card can be stolen, but it will suss out most fraudsters.
Watch out for certain types of activity that help to signal a potential fraud:
- A bulk order or an order that’s larger than normal for your business.
- If the shipping address is in another country than the billing address.
- The shipping and billing address does not match (doesn't always signal fraud).
- If they paid for overnight or fast shipping.
- Multiple orders with different cards to the same address.
Then there are attacks that you can't easily see. These take sophisticated algorithms to detect. For instance, IP spoofing and device spoofing involve making it look like the fraudster is located at the victim’s address and/or is using their device. These are triggers that you wouldn't be able to pick out unless you had time to pour over every single one of your transactions.
This type of fraud requires more sophisticated fraud prevention software. And many times, it simply can't be prevented.
To fight eCommerce fraud implement a robust fraud prevention software system.
Installing fraud prevention software is the best way to make your business less susceptible to fraudulent attempts. The software scrubs transactions based on a set of rules and blocks any transaction that triggers one or more of the preset rules. This allows it to attack fraud from many angles and take multiple factors into account at once.
Fraud prevention software uses advanced machine-learning technology and algorithms to analyze and compare multiple sets of data. It will analyze information based on IP geolocation, device fingerprinting, address verification service, and card security codes. Then it will compare it with additional information based on customer purchasing behavior, transaction histories, and other preset factors.
Access to this information enables it to assess the potential risk of each transaction and flag potentially fraudulent attempts.
In order to be a successful eCommerce business, you must take a proactive approach to the hardships of the industry. Unfairly high rates, increased chargebacks, and fraud are all inherent hardships of eCommerce. At MonerePay, we understand this.
We specialize in providing the most cutting edge tools available in the payments industry. Our first mission is to bring transparent and reliable payment processing to our eCommerce clients. And then stand by them and support their continued success in any way we can.
At MonerePay, we’re dedicated to providing merchant services with the highest level of professionalism. All our advisors have undergone the rigorous ETA -Certified Payment Professional certification. This designation is rare for representatives within the payments industry. With us, you can rest assured you’re working with an advisor who is highly educated in both the industry and solutions offered.
To learn more about how we can help you better mitigate fraud, click the button below. One of our Certified Payments Professionals is ready to consult with you.