External fraud is the enemy of all businesses. It can be argued that internal fraud is also an enemy of business, but this article will focus on common types of fraud that customers commit against a variety of e-commerce businesses – especially ones that sell tangible items that need to be shipped. Knowing what people do to trick businesses out of their own products (and time) can help defuse these techniques.
How much is customer-driven ecommerce fraud costing online businesses?
Customer-driven fraud cost merchants billions (with a “B”) every year. Some reports and statistics show that the level of fraud exceeds 10 Billion each year.
Where online business really feel the pinch is with “charge-backs”. When the payment processors receive a complaint from a customer – they tend to believe the customer. Keeping investigation time to a minimum they typically process a charge-back transaction again the merchant. More often than not it is the merchants who are getting the short end of the stick. Customer-driven fraud has been on the rise. It has simply been easier for the payment processor to screw the merchant – even when the facts points the other way. Also, online transactions are often “card-not-present” situations, therefore making online stores particularly vulnerable to “stolen-card” fraud too.
One type of fraud, particularly on the rise, occurs when scammer-customers order physical (or digital) goods, with the covert intentions to make a false claim to their bank (or even their victims bank) that products were “not delivered” – and fraudulently demand a charge-back.
Fraud stings online merchants of all kinds, no matter how big or how small. In fact, it is on the rise in online world because E.M.V. [ (E)uropay, (M)astercard, (V)isa ‘smart card’] controls have made it more difficult to commit fraud over the counter. So thieves have been shifting their energy to e-commerce storefronts – which are more vulnerable to credit card fraud.
[ EMV is a technical standard for smart payment cards and for payment terminals and automated teller machines that can accept them. EMV cards are smart cards (also called chip cards or IC cards) that store their data on integrated circuits in addition to magnetic stripes (for backward compatibility). These include cards that must be physically inserted (or “dipped”) into a reader and contactless cards that can be read over a short distance using radio-frequency identification (RFID) technology. Payment cards that comply with the EMV standard are often called “Chip and PIN” or “Chip and Signature” cards, depending on the authentication methods employed by the card issuer.
EMV stands for Europay, MasterCard, and Visa, the three companies that originally created the standard. The standard is now managed by EMVCo, a consortium with control split equally among Visa, Mastercard, JCB, American Express, China UnionPay, and Discover. ]
Of course the age-old and most common type of consumer-driven fraud is purchases conducted with stolen credit card numbers. This is difficult to detect in advance of a transaction, but some online anti-fraud services such as MaxMind (and others that you can easily google) can help you better discriminate fraud from real transactions. This usually results in the real cardholder calling-in for a charge-back request. If you run an online business, chances are you have run into this situation more than you can recall by memory.
For merchants it is often a painful ongoing dilemma e revenue from the transaction. Worse, too many chargebacks (typically about 1% of all transactions) can cost of anywhere from $15 to $100 – and that is just the start of the headache. Each chargeback also represents losses shipped goods and time and labor + plus the secondary risk of their payment processor or bank cutting them off.
Red flags are just that, flags. Not every cause for concern actually represents fraud. However, either you, or your hired fraud-management service, should be careful when screening transactions which fit these descriptors:
High ticket-value purchases by a first-time customer should be carefully reviewed in detail.
- * Repeated attempts by the customer to make purchases at increasing or decreasing ticket values.
- * Shipping (or billing) address which doesn’t match with the credit card billing address.
- * 3 or more repeat attempts to enter the correct card’s expiring.
- * Many credit cards used to make purchases from the same IP address
- * Purchases in more than one size or color by the same buyer (especially if those purchases are made with various cards)
- * Buyer guessing at cardholder information such as address, credit limit, or card expiration date, or they can indicate someone shopping with a list of stolen credit card numbers.
- * These precautions when reviewing orders can (but don’t always) help mitigate fraud against you and your business.
You may be able to intelligently screen fraud in-house or by yourself. However, this may not be the best solution overall, for a couple of reasons. Scammers are always honing their tactics and abilities to avoid detection, which means you’ll need to become a fraud detecting pro. Also consider that your sales volume may spike rapidly during peak like seasonal holidays or sales events. This might make fraud detection unwieldy for you. Holidays are often peak times for fraud too. You should always weigh the pros and cons of hiring a fraud-detection service; based on your sale volume, profits, losses, etc.
A better option is to choose a processor with fraud protection services or hire a third-party fraud service to screen your transactions.
MaxMind and VariLogiX are popular choices. Varilogix can be set to call payees automatically before their particular orders are submitted – verifying payees and their identity (and validity) . Customers are required to enter a code during a call, that is shown on their monitor. Contacting your customers directly via a phone call also shows them you’re serious about protecting their identity (and payment information).
Maxmind set the parameters of how you wish to approve new transaction. MaxMind screens and assigns a score for each transaction – in alignment with your specifications. Score thresholds are pre-set by you for automatic rejection (or pending state) of high-risk orders. Then you manually review the orders. MaxMind also performs phone verification on flagged orders.
Happy Merchandising from 4GoodHosting!