Seven Ways to Fight E-commerce Fraud
For the first time in history, business and consumers can be robbed and conned by strangers who are thousands of miles away and nearly impossible to catch. The e-commerce ecosystem is clearly struggling to cope with all the new and multiplying forms of fraud.
LexisNexis reports that in 2014, large e-commerce merchants – those most able to pay for sophisticated fraud prevention systems – lost 0.85% of revenue to fraud, well above the 0.68% average. Online merchants paid $2.62 per dollar of online fraud and $3.34 per dollar of mobile fraud. By one estimate, U.S. Card Not Present fraud losses will surge from $3.1 billion in 2015, to $6.4 billion in 2018.
The good news is that online merchants can drastically curb fraud by taking some common sense steps. Just as a brick-and-mortar store would install cameras, locks and RFID tags to reduce theft, an e-commerce store can setup some practical defensive measures.
Whether you have sophisticated fraud prevention software or not, I recommend using these seven principles and processes to fight off e-commerce fraud.
1. Is it too good to be true?
If you typically sell one widget per customer and someone orders 100 in one order, pump the brakes. Does this customer have a record of ordering wholesale quantities? Don’t let the excitement of a big sale blind you. The chargeback fees, lost product and additional fraud attempts will be painful.
2. Can you validate the order?
If an order seems suspicious, validate it. First, verify the shopper’s address and phone numbers with WhitePages.com or Spokeo.com. Search the email address in Google or even Facebook, and if nothing turns up, call the shopper. Ask if he or she can verify the billing address associated with the credit card, and then follow up by asking for the names of the cross streets nearest their address (have Google Maps open and listen for a delayed response or typing in the background).
3. Duck test
You’ve probably heard the expression, “If it looks like a duck, swims like a duck, and quacks like a duck, then it probably is a duck.” The so-called ‘duck test” suggests that you can determine what something is by its habits, and this applies to online shoppers. If XYZ Corp. orders $10,000 worth of business software from a residential address, it failed the duck test. Likewise, if Jane Smith uses the email address [email protected], that’s a red flag. Why did this person attempt to use six different credit cards before getting an order through? Why is the customer, who supposedly lives in Chicago, shipping to an unaffiliated address in Jakarta, Indonesia? Legitimate customers act like legitimate customers.
4. Create a blacklist
Record a blacklist of fraudulent credit cards, email addresses and shipping address so you automatically decline them in the future. Be sure to review questionable transactions closely so you don’t accidentally put a good customer on your blacklist.
5. Track the performance of fraud rules
Whether your use a fraud tool or monitor transactions manually, create rules for preventing fraud. Good rules flag or stop suspicious orders without stopping legitimate purchases. So for example, if 95% of your orders contain less than 20 units, requiring a manual review of all orders over 20 units is a reasonable rule. To see if the rule is working, you can compare the percentages of fraudulent transactions and non-fraudulent transactions that triggered the rule.
6. Update your rules
Review declined transactions frequently so you understand what forms of fraud are most prevalent and adapt your rules. For example, if you have multiple fraudulent orders with @aol.com emails (yes, people still have them!) shipping to Houston, Texas, create a rule or monitor all transactions with @aol.com email domains shipping to Texas. Over time, smart fraudsters will identify your rules and find ways to get around them, so keep evolving.
7. Identify your targets
Fraudsters often target products that will be easiest to resell. If you sell bicycling gear, for instance, criminals might have an easier time selling bike lights and locks than a whole stolen bicycle. Repeat offenders also know that high dollar purchases trigger fraud prevention systems, so they will focus on low dollar orders and maybe spread them across multiple credit cards.