Your Online Store Is Immune to a Fraud? Really?
Categorized as : Ecommerce
Editor’s Note: This post is provided exclusively for our blog by Don Bush, Vice President of Marketing at Kount. Don works with online retailers, industry analysts, consultants, law enforcement and trade associations to determine the latest threats to eCommerce businesses. Don has been a regular speaker on fraud topics at several industry events in the U.S. and Europe.
Fraud is a nasty issue that most eCommerce business owners and managers don’t like to talk about. They see the detection and management of fraud as a cost center, a necessary evil the company has to deal with. While this attitude is pretty common, it couldn’t be more wrong.
According to a recent online business survey, the average order rejection rate due to the suspicion of fraud is 2.8% in the U.S. and 7.8% internationally. If your company is near the average, this means you spend valuable time, money and resources to drive traffic to your site, convert lookers into buyers and still end up rejecting a significant number of orders, because they look suspicious.
I will help you as much as I can by revealing types of online fraud to be aware of and a few ways to minimize fraud losses.
This is the most common response I hear when I tell eCommerce business owners that I am from Kount, a fraud detection and mitigation platform company. These owners and managers say they don’t have a product that fraudsters want, they’ve never had a chargeback issue or they will worry about fraud later.
Real Use Case. Over the Christmas holiday break, one company was hit by a fraud ring using a “bot” network which attempted to make purchases with fraudulent credit cards more than 8,000 times in a period of just three days. Then it was done. It went as fast as it came. No warning signs, simply hit and run.
1. Stolen Credit Cards. Credit card information can be stolen and used by criminals who try to buy goods and services online with the stolen information. This is extremely common and can occur anywhere in the world.
2. Card Testing. It happens when a fraudster or fraud network steals or purchases stolen credit card or other payment information. “Card testers” then go out to several websites to “test” the validity of the cards. Often this is done at sites with low-cost products like apps or free subscription services requiring a credit card to create an account.
3. Account Takeover. When personal information like account numbers, login IDs and passwords have been compromised, criminals can log onto a victims account and withdraw funds, change reporting information, have additional names put on the account for money manipulations, etc. This may not be recognized for days, weeks and even months before the victim or the merchant notices something is wrong.
4. Account Creation. Using the same type of stolen information as in Account Takeover issue, criminals can establish new accounts in the victim’s name and buy things, take out loans, create accounts on game, dating, and other subscription-based websites. Again, this can go unnoticed for periods of time before anyone is aware the account is fraudulent.
I advise you to print these recommendations out and always keep at hand.
Luckily, there are several symptoms that could be early warning signs of fraud and you can act on before more damage is done. Here are a few questions to consider:
Of course, these are not hard and fast rules, but they can be indicators that you have a fraud problem. It’s an uncomfortable topic for many merchants, because nobody wants to admit there are vulnerabilities in their payment systems and approval processes.
Don’t get caught off-guard. As your business expands, it is only a matter of time before fraud finds you. Be aware of fraud types, use techniques to mitigate consequences if fraud has already happened and always keep in mind symptoms that unmask online fraudulence. Good luck with your eCommerce website!
Fraud is a nasty issue that most eCommerce business owners and managers don’t like to talk about. They see the detection and management of fraud as a cost center, a necessary evil the company has to deal with. While this attitude is pretty common, it couldn’t be more wrong.
According to a recent online business survey, the average order rejection rate due to the suspicion of fraud is 2.8% in the U.S. and 7.8% internationally. If your company is near the average, this means you spend valuable time, money and resources to drive traffic to your site, convert lookers into buyers and still end up rejecting a significant number of orders, because they look suspicious.
I will help you as much as I can by revealing types of online fraud to be aware of and a few ways to minimize fraud losses.
I Don’t Have a Fraud Problem!
This is the most common response I hear when I tell eCommerce business owners that I am from Kount, a fraud detection and mitigation platform company. These owners and managers say they don’t have a product that fraudsters want, they’ve never had a chargeback issue or they will worry about fraud later.
Of course, no company has a fraud problem. Until they do.
Real Use Case. Over the Christmas holiday break, one company was hit by a fraud ring using a “bot” network which attempted to make purchases with fraudulent credit cards more than 8,000 times in a period of just three days. Then it was done. It went as fast as it came. No warning signs, simply hit and run.
There are several types of fraud that merchants should be aware of:
1. Stolen Credit Cards. Credit card information can be stolen and used by criminals who try to buy goods and services online with the stolen information. This is extremely common and can occur anywhere in the world.
2. Card Testing. It happens when a fraudster or fraud network steals or purchases stolen credit card or other payment information. “Card testers” then go out to several websites to “test” the validity of the cards. Often this is done at sites with low-cost products like apps or free subscription services requiring a credit card to create an account.
3. Account Takeover. When personal information like account numbers, login IDs and passwords have been compromised, criminals can log onto a victims account and withdraw funds, change reporting information, have additional names put on the account for money manipulations, etc. This may not be recognized for days, weeks and even months before the victim or the merchant notices something is wrong.
4. Account Creation. Using the same type of stolen information as in Account Takeover issue, criminals can establish new accounts in the victim’s name and buy things, take out loans, create accounts on game, dating, and other subscription-based websites. Again, this can go unnoticed for periods of time before anyone is aware the account is fraudulent.
Depending on the type of loss and product or service purchased, here are a few ways to minimize fraud losses.
I advise you to print these recommendations out and always keep at hand.
Luckily, there are several symptoms that could be early warning signs of fraud and you can act on before more damage is done. Here are a few questions to consider:
- Are your chargeback rates over 0.5%?
- Do you reject/decline more than 1% of your orders?
- Are you experiencing a high rate of shopping cart order abandonment?
- Do you have high affiliate turnover?
- Are you manually reviewing 10% or more of your orders?
- Do you hesitate when accepting orders from certain IP addresses, geographies or countries?
Of course, these are not hard and fast rules, but they can be indicators that you have a fraud problem. It’s an uncomfortable topic for many merchants, because nobody wants to admit there are vulnerabilities in their payment systems and approval processes.
Don’t get caught off-guard. As your business expands, it is only a matter of time before fraud finds you. Be aware of fraud types, use techniques to mitigate consequences if fraud has already happened and always keep in mind symptoms that unmask online fraudulence. Good luck with your eCommerce website!