Ecommerce Fraud is Rising – Are You Prepared?
Melissa AU Team | |
Covid 19 has literally forced all retailers to build an online presence. E-commerce sales are consistently growing and there’s very little that can’t be bought online today. Unfortunately, the growth in sales is being matched by a growth in eCommerce fraud cases. Fraud not only has a financial implication but also damages a website’s reputation and the brand’s image. Let’s look at a few prevention strategies.
Types of eCommerce Fraud
Any transaction conducted online with the aim of personal or financial gain for the individual conducting the transaction and a loss for the retailer can be considered eCommerce fraud. Some of the most common types of eCommerce fraud are:
• Credit card fraud
This involves the use of stolen credit card information to make purchases.
• Affiliate fraud
This involves creating fake activity to generate commissions offered for affiliate marketing.
• Chargeback fraud
Here fraudsters dispute past transactions and claim refunds from their credit card companies that in turn, demand a chargeback from the merchant.
Cybercriminals hack into databases and steal confidential information or takeover customer accounts.
Strategies To Preventing Fraud On An E-Commerce Site
The responsibility of protecting an eCommerce site from cyber fraud falls mainly on the shoulders of the retailer. The good news is that there are a number of tools that can help.
- Do Not Ignore Signs Of Fraud
Most fraudsters are organized and skilled but they still leave behind red flags. Being able to spot these signs and address them can help prevent fraud. Some of the signs to look out for include:
• Different shipping and billing addresses
• Orders that are much larger than average orders placed by the customer
• Orders placed from unusual locations
• Multiple transactions in a short span of time
• High frequency of declined transactions
• Unexpected orders to international locations
• Placing orders using multiple credit cards
- Conduct Security Audits Regularly
Cybercriminals target websites that have been lax about their security measures. Take a proactive approach and conduct regular site audits. Always ensure your software is updated and SSL certificates are current. You should also check that your site complies with payment security standards and is free from malware. Any inactive plugins should be removed.
- Use Card Security Codes
Most websites do not require the buyer to have a physical credit or debit card when making purchases – they only require the card details. This puts ‘card not present’ transactions at high risk for fraud. To prevent this, make sure you use the card security codes to qualify transactions. This means that the customer must enter the Card Verification Value (CVV) number printed behind the card to confirm the transaction. This system helps but is far from foolproof as it does not account for fraudsters using lost or stolen cards.
- Two-Factor Verification
Two-factor verification goes a step beyond card security codes. This involves validating a transaction by having the customer enter a randomly generated One time password received by text message or email. It ensures that the transaction is being conducted by the individual with access to other personal accounts and hence minimizes the risk of the order being fraudulent.
- Verify Customer Addresses
There are a number of address verification tools available today that can verify a customer’s billing address without making your checkout process complicated. This involves checking the address submitted on the website with the address on file with a reliable third party such as voting or driving license records.
Address verification helps minimize fraud by flagging transactions with a risk of being fraudulent or those with invalid addresses. The merchant can then cancel the transaction or ask for additional customer information. Some address verification tools also offer additional features such as the completion of records and standardized formats. This is especially important for eCommerce retailers with international customers.
- Use Fraud Scoring Tools
Fraud scoring tools use predictive models on your database to spot fraud patterns. Every payment request is compared to what a ‘good’ transaction looks like by using tools such as card security codes, address verification, geolocation IP services, transaction history, etc. This helps identify abnormal transactions and gives retailers greater control over transactions.
- Use Geolocation IP Services
In addition to verifying addresses provided by the customer, you should also check their physical location at the time of placing the order. When a person logs into a website, the activity is associated with an IP address. This is a unique series of numbers that indicates the device used.
Geolocation IP services use these IP addresses to provide the latitudinal and longitudinal coordinates from where the device is being used. Thus, even though the billing address may be correct, if the transaction is being conducted from an unfamiliar location, it may be flagged for further investigation.
- Use Hypertext Transfer Protocol Secure (HTTPS)
HTTPS websites enjoy an encrypted, secure connection between the browser and the server. As the name suggests, it is a more secure version of HTTP. This helps protect sensitive information such as customer names, addresses and payment details from cybercriminals and hackers. For this, you must purchase an SSL certificate. HTTPS websites also inspire more confidence from customers.
- Set Purchase Limits
Purchase limits indicate the quantity of a certain product that can be bought at a time or a limit on the total value of a single order. To set this limit analyze all past revenue trends and customer behavior. The limits are flexible and minimize the company’s exposure in the case of fraud.
Maintaining the Right Security Balance
There’s a fine balance to be maintained between keeping your website secure and giving customers a seamless shopping experience. If there are too many steps to checkout and order, the customer may abandon the cart and move to a competitor.
Also, flagging legitimate transactions as fraudulent purchases can affect brand image negatively and chase away customers. Thus, what you need is to use the right security partners that can validate customer details in real-time without inconveniencing the customer.