3 Tools That Will Help You Turn Fraudulent Orders Down to 0
The successful growth of eCommerce businesses depends significantly on concentrating to optimize revenue and profits. Đ•very retailer will encounter trouble with fraudulent orders that may impede their profit maximization at a given point. Sadly, there is no way to go around it. Or is there?
A popular study on the real cost of fraud by risk management leaders LexisNexis concluded that the total annual costs caused by online fraud in 2014 have reached $32 billion, which is 38% more than 2013. This tendency is obviously thriving, but there are ways to prevent it.
Online Fraud Definition
Friendly Fraud
The term “Friendly fraud“ refers to the orders that are being returned for a refund through the chargeback process. The consumers do this without notifying or contacting the retailer at all. Usually, the chargeback is requested from the issuing bank. The most common illegitimate claims that consumers make include:
- The product has not been delivered
- Defective or not answering to product's description
- Unauthorized initial transaction
- The request for cancelling a recurring transaction has not been fulfilled
The reason why this is labelled as 'friendly' is that not all cases are directly caused by malicious intent. A consumer may want to return the item for a refund due to a number of circumstances. Buyer's remorse is a well known case when the customer has suddenly decided that purchasing the item has been a wrong choice. Also, there are purchases made by a family member without the permission of the cardholder who may ask for a refund afterwards.
One should take into account that not all chargebacks are made with fraudulent intent. That is why the option to return an item is necessary and should be available everywhere. Retailers are rarely able to determine the real cause for a returned product. If more protective measures are applied, they will result in more extreme and sometimes unnecessary prevention strategies which might hurt revenue more than chargebacks do.
For more information on returning products, you can check out another blog post - https://isenselabs.com/posts/the-art-of-mastering-product-returns.
True Fraud
Malicious data breaches from stolen credit cards cause a negative impact on the eCommerce revenue in general.
When the initial intention of a customer has been to get free items – things get a bit different. This is called “True fraud”. A single chargeback does not only cost the value of the item itself, but also includes much more additional expenses such as fees, losses of goods, penalties and service fees. Most importantly – wasted time.
The consequences
There is big pressure on the eCommerce sector. Large brands are suffering losses both in revenue and consumer trust. The increasing number of mobile-channel purchases reflects on the entire volume of transactions in the industry. As they grow, so does fraud.
From 0.51% in 2013 to 0.68% 2014, eCommerce businesses have experienced a severe increase in the percentage of revenue they lose to fraud. The study by LexisNexis also found that online retailers are starting to pay more per dollar of fraud in recent years – from $2.79 in 2013 up to $3.08 in 2014. This is the reason businesses should act against fraudulent orders.
EuroPay, MasterCard and Visa
EMV is a newly developed standard for credit card payment specifically designed to battle credit card fraud. Its main purpose is to make the breach much harder than it is now, but cybercriminals are always busy finding new ways.
How to detect fraudulent orders?
There are several key elements that can help online retailers identify potential threats and fraudsters.
Foreign & proxy IP
The IP address is a quick and simple way for identifying any Internet user. It helps businesses detect the location of each customer by tracing the address. Proxy and foreign IP addresses are the two cases that are definite eyebrow-raisers to say the least.
A fraudster will always try to hide their tracks and block access to their location through a proxy address. If you notice a foreign IP, it is not necessarily a threat, depending on the type of store that you are running. However, if you are not targeting an international audience and rarely get visits from other countries - it's worth looking into.
Billing & shipping address
There are many obvious attempts for a fraudulent order. It can be easily detected if you see that the IP address is in Spain, but the shipping and billing addresses are in Florida and Nevada for example. Seeing such an order immediately calls for action. One simple prevention mechanism is to block the access of users from countries that you are not shipping to.
Phone numbers & area codes
Make sure that the phone number assigned to the order matches the area code of the shipping address. If it doesn't, this is one of the signs that you are about to encounter fraud. Make a case before you block an order by gathering other evidence suggesting fraud.
The use of suspicious phone numbers and email addresses could also potentially be detected. For example, consecutive number phones (555-888-7777) or random character emails (gjg56dif531@freeemail.com), and those similar to them are obviously fake and a definite cause for alarm.
Order size & expedited shipping
It is always a good idea to pay a bit more attention to unusually large orders and rushed checkouts using One-Day shipping options. Fraudsters know that the card they are using has a timeframe before it's shut down, so they take advantage of it as quickly as possible. Be sure to check into that especially if you are seeing it from a first time customer.
How do we eliminate the threat?
Retailers have adopted many of the methods for fighting fraudsters and preventing them from completing their orders. The industry is struggling with outdated solutions and has recognized the lack of adequate support. Some of the most reliable tools that can be implemented are:
1. Identity Authentication
This must be one of the first lines of defence against fraudsters. There are many risk management companies like 41st Parameter and LexisNexis offering Identity Authentication, often as a part of a multi-layered service. Integrating this functionality will allow you as a retailer to gather important personal information about every customer. Some store owners ask about regular information like the name, address and phone of the customer, but others might want to go into detail and collect information about date of birth, national identity number, etc.
All of that information is used to match and verify if the person associated with all these details is actually behind the purchase that is about to take place. This is a very effective tool, but there are a lot of things to consider, such as:
- Is this the only tool you are using?
- How often is the software updated?
- Is the data accurate and detailed enough?
- Does it include cell & business phones?
Identity Authentication is far from being the only method and it will be easy for your business to become a victim of fraud if that is your only protection.
It should also be noted that there are many legitimate cases where the information is not supposed to match. For instance, if a customer wants to make a gift for a relative and sends it to their address.
2. AVS – Address Verification Service
This should undoubtedly be one of the first solutions that a merchant should use to reduce the chance of fraud. It is quite easy to implement and also aids in prioritizing the orders that you want to review.
AVS is a very successful and common tool that is delivered by credit card associations and banks. They give merchants the option to match the billing address with the one that is filed with the issuing bank. For the most part, this is the merchant's responsibility and should be a part of the request for authorization on the credit card. It is a widely adopted method in all of the United States, UK, and Canada. AVS is fully supported by MasterCard, Visa, Discover Card and American Express.
Despite the wide spread of this method, its use and effectiveness is still not entirely reliable. Again, it's a great tool to help you battle fraud but it should be used in addition with other methods.
There are many possible reasons why there can be differences between the billing address and the one on file with the issuing bank. Many people either move, travel a lot or make purchases that are meant for family members with different addresses.
3. IP Geolocation
The location of the customer at the time of purchase is very important and that is why Geolocation services are becoming more widely used. They offer extensive details such as:
Geographical information - continent, country, state, city, zip, area code, time zone, longitude and latitude.
Proxy information - anonymous proxies, cache proxies, corporate proxies, and AOL.
Network information - network connection type, domain name, autonomous system number, backbone carrier name and even network speed.
Unlike AVS and Identity Authentication, IP Geolocation solutions are actually quite trustworthy and prove to be successful on a global scale. There is no better method to validate regulatory compliance by country. The most important aspect – it allows a merchant to see if a consumer is attempting to hide their tracks and identity. This makes IP Geolocation a perfect tool for detecting huge differences between the provided data and the current location of the customer.
Furthermore, if the business is aimed at a single country, this is a great way of catching foreign consumers before they even reach the order-processing steps.
Other options worth looking into
There are many more additional methods of protection that can be utilized and must be mentioned.
- 3D Secure – otherwise known as Verified by Visa, this authentication solution is designed to validate that the purchase about to take place is being completed by the actual cardholder. If a fraud occurs, the merchant is offered some financial coverage. It is a tool known for its efficiency against fraud-related chargebacks.
- Delivery Confirmation – knowing when the item had arrived, who had signed it and all other delivery details can aid in resolving an eventual attempt at a fraud-related chargeback. This is another piece of information that can prove useful in battling fraud.
- Device Identification – also named Device ID, this tool is primarily used for determining the link between the multiple devices that a consumer uses. Some fraudsters can cheat this tool, but the newest commercial solutions make it increasingly difficult. They require the consumer to invest a lot of time and resources to get around it.
- Manual Detection – this requires actual staff members who will perform manual checks on orders that seem suspicious and require reviewing. Usually, the low risk orders are automatically approved and the high risk ones are denied, but there are certain cases that require a closer look. It’s not the most reliable and cost-effective tool, but its efficiency actually depends on how well it is used and managed.
Companies providing fraud prevention software and services
Apart from credit card associations and banks, there are other sources of solutions for fighting online fraud. We will give you a few examples of such providers who have developed SaaS that can be implemented in the merchants’ strategy for fraud prevention.
Fraud.net
Their system combines some of the aforementioned features as well as their own solutions for engaging fraud. Their Device Fingerprint tracks all users who enter your website in real-time and alerts if it detects that the device being used has been involved in fraud. They also offer current analytics and tools to benchmark your stats against other competitors in your industry. It's a fully customizable and modular system that offers the chance to include whatever solutions you want in your fraud-prevention strategy.
minFraud
Taking advantage of IP Geolocation mechanisms and detecting high risk addresses, they aim to reduce chargebacks and determine which orders appear to be suspicious before they are completed. Their software utilizes a variety of tools and factors to determine the risk of a certain transaction. The minFraud Network is used to establish the reputation of various IP addresses coming from different countries, as well as the personal data of customers such as emails and other variables.
ACI ReD Shield
With a team of analysts, they focus on extending your manual reviewing effort and further help your business strategy. They develop risk analysis and further plans for preventing fraudulent orders based on the performance of your website. ACI maintains their focus on adjusting their fraud prevention tools to fully protect your business and address the risks accurately.
Summary
To conclude, it is very important to note that no single tool is capable of fully protecting you against the risk of fraud. Consumers with malicious intentions are increasing and their methods are getting better and better.
The truth is in the balance
It is certain that this is one of the hardest things to do, but it's vital to find the balance between making it difficult for fraudsters to take advantage of loopholes and making it seamless for normal customers to make easy and quick purchases. There is a very thin line between your website attracting clients or chasing them away with extremely strict rules for completing their transactions. That is why it is so crucial to take precise action and combine all of the tools that you can in order to make sure that there is no chance of fraudulent orders to impede your growth in profit.