Today’s Fraudulent Threats In The Ecommerce Sector
With predictions of the eCommerce market growing to 3.5 trillion pounds by 2021 and by 2022 almost 30% of all global consumer sales will be online, it’s no wonder why eCommerce is the trending space to be in right now.
One of the primary reasons for the sector’s rapid growth is the adaptability to everyday technology making our lives more digitalised. Many of us are making a shift towards the convenience factor of shopping online offers, giving instant access to our favourite brands, items, and services.
The peak of the pandemic accelerated the eCommerce trend seeing record spikes in online sales during this period as everyday high street stores were forced to shut.
Increased online transactions mean increased cybercrime, this is a stigma e-tailers and consumers must be aware of fraudulent activity has been proven in disrupting the marketplace accounting for almost $130 billion in revenue worldwide being lost by 2023.
So, what can we do to prevent this? well, first we need to understand what techniques fraudsters are using today which is causing challenges for us as consumers and retailers.
Account Takeover (ATO): We start with one of the most common and seen as the weapon of choice as it rose 283% between 2019 and 2020.
As the name states, this is when an individual gains access to one or more accounts and carry out unauthorised transactions.
Many eCommerce sites offer customisable profiles so it gives more of a personalised feel when they are shopping on their platform and usually gives a faster checkout experience with all their details saved including global address, email and credit card details already saved so it takes just 1 click the process another purchase.
While this seems to be the way forward for convenience, having a username and password leaked will give access to all this personal information saved on various platforms that can be used for a range of criminal activities which can expose personal details like a person’s address and credit card information which can be used on a wider scale.
Chargebacks / Friendly Fraud: This is when a customer makes a purchase and then contacts their card issuer to force a refund stating it was never authorised or the merchant’s mistake. While this isn’t like the above where unauthorised third parties gain access and use someone’s information, this is a different approach which is estimated to account for a loss of up to $31 billion in the retail industry per annum and is already growing concerned for a lot of brands.
Refund Abuse: Nowadays a lot of online brands are offering the good gesture of hassle-free returns and lengthy refund periods. While this does prove to give more consumer confidence in spending, customers are finding ways to take advantage of these promotions by either using or wearing the item and then opening up a refund stating it’s faulty or some sort of issue.
While this isn’t considered cybercrime, brands should be aware of this type of consumer behaviour as Research shows that e- retailers usually come out second best as they have to cover the cost of free returns, additional promotions where they may not be able to resell the items and any further amends on either side.
Card Not Present Fraud: One of the key issues with purchasing online is all online transactions are marked as card, not present, which means the card is not physically present during the transaction. This sounds quite straight forward and when compromised card information is leaded or stolen, it can then be used to make the card not present purchases remotely, commonly known as a ‘credit card scam’ this will always be a front-tier problem upon online transactions, and as eCommerce continues to grow we will expect this issue to also grow.
Triangulation Fraud: The last, and most recent giving a 3-way process is when fake storefronts are created offering popular brands to lure customers into purchasing. Once online transactions are made, items are shipped to the customer as normal, but the catch is customer credentials are stolen and fraudsters will use make those purchases from another store and ship them to the customer as any normal store would, with stolen credit card details, they then anticipate in making their purchases.
The final stage of the triangulation process is the customer’s response, because the initial items are received, the customer doesn’t suspect anything suspicious but will initiate a chargeback for transactions made from the fraudster which the merchant always has to recover.
The result is that again the merchant suffers a loss while the fraudster gains stolen person details and free items for themselves.
Recommendations to stay on top.
Retailers hold a key responsibility to their buyers and that’s ensuring that they are protected against any potential online risk and fraudulent behaviour when engaging in online purchasing processes, at the same time they need to uphold the best possible shopping experience.
This does seem like quite a load to take on, but there are simple implementations one can follow if you’re thinking about entering the eCommerce space or if you’re quite established and looking to business model to the next stage.
Data quality; is the first and foremost element any organisation big or small should have in their systems to minimise threats and improve overall customer communication and revenue. To be more precise it’s contact data verification that will ensure this; phone numbers and emails being live, callable and contactable.
We see too often that fraudsters are getting away with setting up fake phone numbers and emails to bypass verification processes and procedures often with a fake identity to enter a company’s system or perform the fraudulent activity.
Verify addresses, A golden start.
Address validation in real-time is another vital component in completing the contact data series of recommendations, ensuring that only verified and accurate addresses are standardised to all countries and territories will reduce the risk of made-up addresses entering your system. Composing such address lookup & address correction tools will guarantee that all customer address data entered at the point of capture are deliverable which helps greatly towards offering faster and more reliable logistics from any online store.
You can find out more about how does an address verification system work here
Another factor to consider is that address checker tools can compare numeric parts of a billing address stored on a credit card and the credit card company. This functionality alone can greatly minimise any unauthorised purchases on your website’s checkout which reduced any chance of unwanted chargebacks.
The second recommendation is the consideration of identity verification and KYC checks, which retailers often miss during the signup or onboarding process, or when a customer wants to act. This often relates to businesses that have higher-risk transactions or have to adhere to compliance measures. An example would be alcohol and knife e-tailers that have to verify the age of their online customer before proceeding, someone purchasing a new car online and having it delivered, so needing to verify all aspects including contact and payment info are real and not unauthorised and financial services offering overseas money transfers.
We have an article that explains what is identity verification in more detail here
The Know your customer (KYC) solutions can tailor to just offering age verification like the above to verifying contact data to ID document scanning and the use of biometrics to compare that person’s ID to their selfie to comprise a positive match.
While this seems inevitable for everyday consumer purchases, as we continue to increase our trend in digitalisation, so will the risk of fraudulent activity which we already seeing an increase each year. Retailers should set to shield themselves in the future with an increase of multi-layered digital identity verification processes implemented in their transaction processes which prove to protect and also maximise business effort in the long term.