How to Prevent Ecommerce Fraud
How to Prevent Ecommerce Fraud
Companies selling products and services online are at higher risk of payment card fraud compared to merchants processing payments physically in-store. In fact, card fraud is 81% more likely to happen with online transactions than those at a physical point of sale according to a report by Pymnts.com.
Overall, card-not-present (CNP) fraud—fraud that happens when a transaction is made online or over the phone without the merchant physically handling the card—is growing rapidly. A 2019 survey by the Aite Group projected that CNP fraud losses will grow to $6.4 billion in 2021—and that number doesn’t take into account the increase in online shopping COVID-19 has spurred.
What this all means: Online merchants must be vigilant in preventing ecommerce fraud any way they can. When a merchant receives a chargeback, not only do they lose the transaction value, they are often liable for paying a chargeback fee that can range from $5 to $50 (or more) per dispute. Additionally, for every USD dollar in fraudulent transactions, merchants end up paying an average of $3.40 in resulting costs according to an ACI Universal Payments report.
So, what can merchants do to prevent ecommerce fraud? We’ve put together six tips to strengthening CNP fraud prevention:
1. Understand the many types of ecommerce fraud
The first step is to understand how ecommerce fraud typically happens—that way you know what risks to avoid. While there are many types of ecommerce fraud, here are three to be on the lookout for:
- Phishing: This is when a cybercriminal contacts a customer, usually via email or phone, pretending to be someone they’re not. They may ask for financial information—such as credit card numbers and cardholder verification codes (CVC)—in order to steal enough information to make a fraudulent purchase.
- Account takeover fraud: This is when a cybercriminal collects enough non-financial information about a consumer—such as their email address and password—that they’re able to take over their online accounts. This can be to takeover an ecommerce site account to make a purchase using stored payment information. Other times, it can be taking over bank or credit card accounts to place orders online. And more recently, a new trend has been taking over loyalty accounts to make real dollar-value purchases using points, as often these accounts are not closely monitored.
- Friendly fraud: This is when a cardholder wrongfully claims a legitimate transaction as fraudulent. This is often the result of transaction confusion, where a cardholder doesn’t recognize the transaction on their statement, or when someone else in the household, like a spouse or child, makes a purchase without letting the cardholder know. And according to a recent Mercator Advisory Group report, Friendly fraud is expected to reach $50 billion in losses in 2020.
2. Secure your ecommerce site
Use the latest cybersecurity best-practices to secure your ecommerce site and your customer’s data. A few ecommerce cybersecurity best practices include:
- Choose your ecommerce platform carefully. Most ecommerce platforms have a level of security built in. Research the security features, user reviews (if available) and any news articles to make sure the platform you choose is up-to-par when it comes to cybersecurity.
- Use a HTTPS website protocol. This protocol encrypts the data on your site, helping to protect customer and payment information.
- Require strong passwords. Require customers to create hard-to-crack account passwords—needing a mix of items like capital letters, numbers and special characters.
3. Enhance cardholder payment verification and authentication
Verifying the identities of people who buy things online is another way to prevent ecommerce fraud. Otherwise, it’s easy for a cybercriminal who has only credit card details to make purchases. Two ways to do this:
- Ask shoppers to provide their card verification value (CVV), the three-or-four-digit security code found on the back of their credit card.
- Use multi-factor authentication. Tools such as 3D Secure or biometrics require cardholders to provide multiple credentials to authenticate their identity without introducing additional purchase friction.
4. Reduce friendly fraud with the right customer policies and practices
Because friendly fraud is often the result of transaction confusion, online retailers should make it as easy as possible for customers to contact them to resolve any issue. You can do this by creating customer-friendly return and exchange policies and making contact information easily available to encourage customers to contact you directly. The goal is for customers to come to you with any questions or concerns instead of simply disputing the purchase with their card issuer (which typically triggers a chargeback).
5. Deploy CNP fraud prevention tools
Incorporating some basic tools can help you prevent CNP fraud on your site:
- Email verification systems. These tools verify that users who create accounts or make purchases on your ecommerce site have a valid email address.
- Fraud detection systems. These tools use sophisticated algorithms to flag transactions that appear suspicious and should be further investigated.
6. Leverage collaborative tools
Card issuers have valuable information that can be shared with merchants—and vice versa—to prevent ecommerce fraud. Here are two ways they can help:
- Stopping transactions in real-time. Issuers can provide alerts quickly to merchants when a fraudulent transaction is spotted. This can allow merchants to cancel and stop shipments or suspend accounts before having to go through the costly chargeback process.
- Providing detailed digital receipts. Merchants can prevent friendly fraud by working with issuers to create detailed digital receipts that appear on cardholders’ online or in-app bank statements. For example, the receipt might include full purchase details. Presenting this information makes it easier for cardholders to sort out legitimate transactions from fraudulent ones or recognize transactions they might have forgotten about.
Ultimately, there is no one single solution or strategy for stopping ecommerce fraud. Merchants must take a multilayered approach and deploy multiple technologies to reduce the different type of risks.
By understanding how ecommerce fraud typically happens—and fighting CNP fraud on every front—you can significantly reduce the negative impact it can have on your business.