E-Commerce Fraud Prevention: Impact And Best Practices

E-Commerce Fraud Prevention

In spite of online merchants’ increased vigilance and technology advancements stabilising e-commerce fraud rates in recent years, merchants still incurred more than $100 billion in total losses in 2012 due to fraud. However, while online merchants must be even more proactive in thwarting fraudsters’ increasingly sophisticated approaches, simply preventing as much fraud as possible may be detrimental to their bottom line and customer satisfaction.

With the Internet providing a global platform to market and sell their products/services, online merchants are faced with the challenge of maintaining security and decreasing fraudulent losses, while also protecting the integrity of the online shopping experience for cardholders and their bottom line.

We all know the obvious cost of fraud: A payment is processed, the product is delivered and the charge is disputed. However, maximising accepted orders is just as important as minimising fraud. If you only have your eye on minimising fraud, you may be leaving a lot of money on the table.

There are also other hidden costs to anti-fraud such as compensation for anti-fraud employees; decreased customer satisfaction by delaying orders in manual review (especially if customers expect instant electronic delivery); rejecting a valid customer who seems suspicious but is in fact valid; and the direct and indirect costs of lost chargebacks. Furthermore, chargebacks can be particularly insidious because rates over 1.5% can result in large fines from Visa or MasterCard in the short term, and lost merchant accounts in the long term.

Different Anti-Fraud Strategies for Different Delivery Methods

Fraudulent orders for physically delivered products incur additional costs associated with the loss of the product and the price of shipping, along with the somewhat higher tendency towards “friendly fraud” (customers claiming the product never arrived in the mail).

This leads to the next important point: creating an anti-fraud strategy to minimise cost and maximise revenue depends on the type of product you sell. Products delivered electronically tend to have different fraud than products delivered physically. E-commerce merchants who deal mostly in electronic delivery may tolerate a bit more fraud because there are minimal shipping losses, while physical merchants with expensive products may be more risk-averse by necessity.

Software as a Service (SaaS) products, however, fall somewhere between electronic and physical products in terms of preventing fraud. While there are no shipping costs, there still may be costs involved in making the product available to the end-customer. For example, an e-commerce business that sells domains must pay to register those domains.

Best Practices for Fraud Prevention

With all this in mind, we bring you some best practices that cover all three types of products and are essential for successfully preventing fraud. One basic, yet often overlooked best practice is to avoid “black and white rules” for your manual review team.

For example, less than a decade ago, a customer ordering in Malaysia with an American credit card was a sure recipe for a chargeback. But now, the world is becoming a smaller place and for many businesses Malaysia tends to be a reliable country. A good anti-fraud specialist tries to find a plausible story for such “inconsistencies” in the data rather than memorising and reacting to rules such as “no American cards on orders with Malaysian IPs.”

Additionally, all e-commerce businesses with in-house anti-fraud solutions should be analysing, modifying and re-analysing. While there are some fraud issues that hit all merchants, many issues will be specific to your business.

A specialist that looks directly at which aspects of an order lead most often to reports of fraud or chargebacks and takes action against future orders of those types will do the most to optimize your bottom line. Of course, after any changes, be sure to follow up and measure how effective your changes were on both your fraud rate and false positive rate.

Lastly, all e-commerce businesses that deliver electronically should cut off access to the product as soon as they are notified of the fraud. Companies that deactivate licenses / products / access rights immediately are a lot less attractive to thieves because they will only profit for a maximum of a few weeks before the fraud is reported. This will drive your fraudsters to competitor products that are less protected and keep them from coming back to you repeatedly over the long-term.

In-House vs. Outsourced

With all the different kinds of costs related to anti-fraud, the difficulty of maintaining state-of-the-art fraud tools and the necessity of an up-to-date anti-fraud team, many e-commerce businesses opt to outsource their anti-fraud. However, all anti-fraud providers are not created equal. If you are thinking about outsourcing your anti-fraud, you have some important questions to ask.

Firstly, what kind of experience in e-commerce and anti-fraud do the team members have? It is vital that team members have a year’s experience in e-commerce and/or anti-fraud at the bare minimum. Some companies employ fraud specialists with no previous experience in the e-commerce or fraud industries. This is critical because these people make the decisions about your money.

Secondly, what kind of transparency do they provide if you have questions about an anti-fraud decision? Of course, trade secrets for anti-fraud are highly confidential to ensure their continued effectiveness, but your partner should be able to answer questions to a level that inspires your trust in their decisions. Some anti-fraud teams will also answer fraud and manual review related questions directly from customers. This saves you time and ensures that customers are as satisfied as possible without feeling as if they are being accused of a wrong-doing.

Some questions you should include a checklist when researching an anti-fraud team include:

  • Does the provider have a wide range of anti-fraud tools and negative lists?
  • How often do they update their tools?
  • Do they actively analyse their chargebacks and fraud notifications to keep up with the growing sophistication in fraud techniques?

Whether you do your anti-fraud in-house or outsource it, there are many things to consider. But an effective anti-fraud strategy will increase your bottom line and your customer satisfaction.

Tabitha Stang

Tabitha Stang is a fraud manager at Cleverbridge, a global full-service e-commerce provider for more than 300 international software and SaaS corporations like Acronis, Avira, Dell, Malwarebytes and Parallels. Tabitha is responsible for leading the company’s global operations with respect to managing all fraud related initiatives, staff and day-to-day operations.