Triangulation fraud is a growing eCommerce fraud scheme that involves a fraudster who poses as a legitimate merchant. He inserts himself as a sort of middleman between a real merchant and a genuine purchaser. But there are actually 4 entities and/or people who’re unknowingly dragged into the scheme.
Here’s how fraudsters pull it off:
A fraudster will position himself as a legitimate merchant by creating an ecommerce store, or setting up as a seller in a marketplace such as eBay or Amazon. They list items for sale, often at a lower price than most merchants selling the same products. They never actually possess the items they list for sale.
When an unsuspecting customer purchases an item from them, they, in turn, go to the merchant they are targeting. The fraudster buys the item from the legitimate ecommerce website with stolen credit card credentials.. They use their buyer's address as the delivery address. The merchant ships the item to the buyer. The fraudulent merchant never “pays”' for the product since they used a stolen card. They get away with keeping the entire amount paid by the genuine buyer as profit.
Eventually, the victim of the stolen card realizes there has been an unauthorized purchase on their card and reports it to their card issuer. The issuer files a chargeback with the merchant, who ends up losing both their product and the profit.
Sometimes, prior to further investigation, the original buyer can look like the fraudster. It can look like the buyer is the one who used a stolen credit card to purchase their goods. It is only once the data is tracked they can see the buyer is not the one who initiated the purchase on the good merchant’s site.
Most fraud attacks involve the fraudster acquiring products with stolen credit card credentials. Triangulation fraud allows fraudsters to bypass products and go straight for the cash.
Most of the time, this type of scheme is orchestrated by a team of fraudsters, rather than a lone wolf. They will usually find merchants they can easily target and submit a series of fraudulent transactions for varying products over a length of time.
Fraudsters often target smaller merchants who sell commonplace and smaller dollar items such as cosmetics and electronics. It can be difficult to realize you're being targeted with triangulation fraud until you learn the common warning signs.
This type of fraud can be very damaging for merchants who fall victim to the schemes. Not only do they suffer the losses from the fraudulent purchase, they also incur significant costs of increased chargebacks. Merchants experience brand damage as customers lose confidence in the security of their ecommerce store.
Triangulation fraud involves several individual purchases with one targeted merchant. This results in a quick influx of several individual chargebacks being filed against the merchant. For merchants, every $1 in fraud costs $3.60 in fees and losses. But a significant increase in chargebacks will raise a merchant's chargeback ratio. And high chargeback ratios have a significant impact on merchants. If a merchants ratio exceeds the allowed threshold, the processor can levy fines, enroll them in a chargeback monitoring program, or have their merchant account frozen or shut down.
Fraudsters are smart, opportunistic, and innovative. There will always be new schemes. Fraudsters continue to find better ways to hide, and they adapt quickly.
But the good news is so are the developers committed to fighting fraud. Fraud detection software developers and analysts are ever-vigilant, innovative, and passionate about winning the fight. Thankfully, that means merchants have access to strong fraud fighting solutions.
The best way to combat fraud is through a layered approach. Merchants should employ standard fraud detection measures coupled with data analytics and screening procedures. The goal is not to become a victim in the first place.
Always use Address Verification Services (AVS) and Card Verification Value (CVV) authentication tools for your online transactions. This will help deter the use of stolen credit cards where the fraudster wasn't able to acquire all the cardholder data.
Enable gateway tools designed to detect transaction anomalies. A robust eCommerce gateway will include tools to help detect anomalies in transactions. Most of the time they just need to be enabled, and some may come with a small per-month fee. Tools like geolocation, device fingerprinting, velocity rules, behavior analysis, and enriched data capture can help automate detection.
For instance, if there are multiple transactions for the same item, from the same geolocation, being shipped to addresses all over, and ones that don’t match the billing address, that is a red flag.
Depending on your risk level, it may be worth investing in enhanced fraud prevention solutions that include AI and Machine learning. Analyzing multiple data points helps the system determine bad transactions from good ones. This helps merchants generate better data, which in turn leads to better decisioning. And helps to reduce the dreaded false decline.
If merchants want to maximize eCommerce profits, they have to combat fraud and reduce chargebacks.
Fortunately, if merchants are proactive, much of these types of fraud attempts can be nipped in the bud. Merchant account providers, processors, and gateway providers continue to develop innovative fraud solutions for merchants.
Fraud detection and prevention measures are meant to make it difficult for fraudsters to be successful. Those same measures can cause friction for legitimate customers. Especially when they reject or flag genuine purchases, known as false declines. Merchants must walk a fine line. They must find a balance between the right amount of authentication and providing a pleasant customer experience.
To create the best fraud strategy for you, enlist the help of your merchant account provider. Fraud prevention systems are customizable, and for good reason. Each business will have different needs based on several aspects of their particular business. Some things to consider include the sector you're operating in, the threat level, and the organization's risk capacity.
At MonerePay, security is top priority. Our robust eCommerce gateway was designed to exceed Data Security Standards with a PCI Level-1 Certification. Merchants can choose from numerous modules to truly customize their level of fraud capacity. This allows merchants to set levels for vetting, blocking, and reviewing flagged transactions that fit their particular needs.
To learn more about our eCommerce Payment Platform, robust payment gateway, and our powerful Business Intelligence Reporting tools, call us today.
Or click the button below and one of our ETA Certified Payments Advisors will get back to you right away.