The Basics of Ecommerce Fraud — What It Is and How To Manage It
Here’s the scary truth — online payment fraud is constantly growing. In fact, it seems to be unstoppable. Last year alone successful retail fraud attempts grew by nearly 30%, with mobile commerce driving a significant share of the fraudulent transactions.
All of a sudden it’s not just something you read about in the news, but actually something you might face yourself. Being equipped with the necessary tools is key in everyday fraud management, but it’s even more important around the holidays.
There are two major peaks for online shopping fraud during the holiday season, and it’s Black Friday — Cyber Monday, and Christmas — New Year’s. Fraudsters, just like Santa Claus, are active when everyone else is sleeping.
So you better keep an eye on any suspicious orders coming your way. Read this blog post to find out how to do it.
What is ecommerce fraud?
The term ecommerce fraud is also known as purchase fraud, is pretty self-explanatory. It occurs when a criminal (fraudster) approaches a merchant and proposes a business transaction using fraudulent means such as a stolen or fake credit card to pay for it. This leaves the merchant without getting paid for the sale that was just made.
Fraud has always been around in one form or another, so the concept itself isn’t that new. It used to be limited to the physical stealing of a credit card. And although this still happens, online fraud is far more popular nowadays. With the rise of new technologies, payment methods, and data processing systems, online store owners are unwillingly opening their doors for new forms of fraud every day.
Online fraud most commonly takes place when the credit card is lost, or its information is not stored securely. And while card-present fraud losses have decreased over the last couple of years, card-not-present (CNP) frauds continue to grow.
If you’re a little confused about the terms, think of card-present and card-not-present transactions as payments that occur either when the card is present at the time of a transaction, or it isn’t.
Types of online transaction fraud
Every online store owner dreams of being successful and having a well-recognized brand. However, the more popular your brand is, the more likely it is to become a target of online fraud.
The percentage of total revenue loss by fraudulent orders in 2018 was 1.8%, up from 1.58% in 2017. And the average cost for each dollar lost to fraud rose by $0.17 from last year and reached $2.94 in 2018.
In order to know how to prevent or manage fraud for your brand, you need to know the types of online retail fraud you might have to deal with. Let’s take a look at two most popular fraud types known to ecommerce.
The Friendly Fraud
Contrary to what the name suggests, there’s nothing friendly about this type of fraud. It happens when a customer purchases a product with their own credit card, and issues a chargeback (in some cases deliberately), claiming an item was never received or that they never made the charge.
If you think about your customer FAQs, you’ll quickly realize that they’re all in some way or form a distant relative of the friendly fraud. “My order never arrived although the tracking information states it did” might be the most popular of them all. Turns out you’ve been dealing with this type of fraud on a daily basis.
How to prevent friendly fraud?
You should make sure your credit card descriptors match your business name. A lot of times, chargeback fraud happens because customers don’t recognize the company name on their card statements.
Here’s an example of how payment descriptors appear on card statements:
Also, if you can, only use shipping with tracking. In case customers approach you asking for a refund, it’s the best evidence you can provide to prove the products were delivered to their door.
Last but not least, have clear reshipping, refunds, and returns policies. Find some store policy inspiration and free templates here.
The Clean Fraud
Clean fraud occurs when a purchase is made with a stolen credit card. This type of fraud has definitely graduated to the adult table because it takes some actual skill to pull it off. Basically, clean fraud is the ultimate doppelgänger because it looks like a legitimate transaction with good shipping, billing, and IP addresses as well as complete and verified card data.
Here’s how clean fraud works:
How to prevent clean fraud?
The bad news is, if you’re a smaller retailer, you’re more likely to experience clean fraud. Mainly because it bypasses fraud detection tools and is more difficult to deal with, so make sure your software is always up to date.
The best fraud detection software is definitely more on the pricey side, but since fraudsters are the most active around the holidays, you should take advantage of the free trial plans these companies offer. We recommend checking out Sift Science, Kount, Signifyd.
You should also check more suspicious transactions manually. It takes a bit of extra time, but it can save you a lot of money and sleepless nights. Keep reading to learn how to identify fraudulent activity on your store.
What does a fraudulent order look like?
Ecommerce transactions can contain some hints to help you recognize them as possibly fraudulent. Listed below are 11 signs of a potentially fraudulent transaction.
If just a couple of these are present, it might not be anything to worry about, if a single transaction contains several, it’s time to roll up your sleeves and start digging.
- First-time shoppers. Online criminals usually target several websites they’ve never shopped on before. Once they commit fraud at one, they’ll quickly move on to the next.
- Larger-than-average orders. Stolen payment cards have a very short lifespan, so the fraudster’s goal here is to maximize the spending in a single transaction.
- Fast shipping. The majority of your customers are more likely to select a less expensive shipping option. But since money isn’t an issue for fraudsters, pay attention to orders with overnight shipping.
- Unusual location. Double-check transactions that come from countries you usually don’t get orders from, they tend to have a higher fraud risk.
- A large quantity of the same product. Just as with large orders, buying multiple items of the same kind is a way of maxing out stolen cards as quickly as possible.
- Multiple shipping addresses. These orders might indicate that there is a batch of stolen cards, each with a different name. The common denominator here is the identical shipping address.
- Shipping/billing address doesn’t match IP address. Check if the IP address matches the billing address and/or the shipping address. If there are mismatches, the risk of a fraudulent transaction is higher.
- Multiple cards from a single IP address. These transactions indicate that multiple orders have been placed from the same computer. They may have different names and shipping addresses.
- Odd use of punctuation or letter capitalization. Perhaps fraudsters can’t be bothered to turn off caps lock, or use spaces instead of commas. With no scientific explanation here, it is one of the signs to look out for.
- Multiple transactions in a short time. This one is a sign of a criminal attempting to run up a stolen card’s credit line as quickly as possible before the account is closed.
- Printful notifications. We use a fraud detection system and notify you about orders that look suspicious. Don’t ignore them — double-check!
How to prevent fraud on your store?
The sad truth is, no system is 100% fraud-proof and your online store is no exception. However, there are several things you can do to make personal and financial information on your website more secure.
- Pick a reliable third-party payment processor. Since third-party payment processors make money off your sales, it’s in their best interest to keep your store’s payments secure.
- Keep platforms and software up to date. Whichever platforms or software you’re using to keep your store up and running, always make sure you’re running the latest version. As fraudulent activities get more intricate, providers are hard at work improving the security aspects of their products.
- Check if all your checkout pages stay in the “HTTPS”. The encryption within HTTPS allows your information to remain confidential from prying eyes because only your browser and the server can decrypt the traffic.
- Use AVS and CVV. AVS or Address Verification Service ensures that the billing address of the purchase matches the billing address credit card company has on file. CVV or Credit Code Verification is a security code printed on the credit cards, and not stored in data holds. It means that the customer needs to have a physical credit card on their hands to make a purchase.
- Get an outsider’s perspective. Consider hiring a professional that can evaluate the security of your site is and suggest what else can be done to detect and prevent fraudulent activities on your store.
- Get your hands on fraud protection software that will help you detect high-risk transactions and analyze other risk factors to prevent and reduce fraudulent activities on your store. Some of the ones we mentioned before are Sift Science, Kount, Signifyd.
Finding the right tools that automatically detect suspicious transactions is crucial if you want to protect your business from revenue loss. However, never underestimate the power of manual monitoring to catch fraudsters. You know your customers and their shopping habits better than anyone else. So if you notice something unusual or suspicious — act fast!
Protect your business
Ecommerce fraud numbers have grown rapidly over the last couple of years. And with the fast-approaching holiday season having the highest peak in fraud, you have to equip yourself with the right tools to keep your online store safe.
Make sure your software is using fraud protection filters that will alert you about anything out of the ordinary. Also, don’t forget to remind your team to keep an eye out on unusual orders.
Now that you know how to recognize a fraudulent order and what tools to use to prevent it from happening to you, the ball’s in your court. Stay safe!
Originally published at www.printful.com on October 11, 2018.