Is Online Payment Fraud Bigger Than Ever?

Online payment fraud continues to increase and is making the headlines again. Most recently with Wonga, the embattled payday loans company, revealing that 245,000 customer records were stolen; including payment card payment fraud

The cybercriminals behind that attack could potentially use the details from Wonga customers to commit online fraud against other retailers and e-commerce brands. Committing fraud in person is more difficult for fraudsters, especially after EMV improved the level of security in chip card transactions. Once EMV rollout started, there was a marked increase in Card Not Present (CNP) fraud, which directly impacted digital businesses and online retailers.

One of the most important trends for retailers is the rise of mobile devices as an e-commerce channel: another that shows no sign of slowing down or reversing, which only serves to increase the risk of fraud. In many ways, smartphones are less secure than laptops. Unfortunately, retailers aren’t only risking fraud from cyber criminals. Customers also pose a risk to your bottom line.

Two Main Types of Online Payment Fraud

#1: Friendly-Fraud

Most customers, like most merchants, are honest and trustworthy. However, a small percentage want something for nothing, and global transaction processing rules place a higher burden of proof on retailers.

Friendly-fraud is when a customer orders a product, is sent a product, and then claim they have not received it. At that point they complain and the merchant either issues a refund, or a customer escalates a chargeback with the card provider, thereby causing the funds to be pulled from the merchant account; potentially, along with, other charges from the bank.

Although the burden is on a retailer to prove a customer received a parcel, there are a few ways you can protect your profit margins:

Reliable tracking information. Ensure you get all the data you can from delivery services, to prove that your goods were delivered to the customer, or returned to a post office or courier depot. Do your best to ensure the drivers are reliable and committed to delivering parcels correctly; not discarding them in front gardens and wheelie bins – which sadly does happen!

Clear Terms & Conditions. Protect yourself as best you can, with T&Cs that communicate clear policies on replacements, refunds, returns and shipping. Be fair to your customers, but don’t risk costs from chargebacks and friendly fraud.

Have a clear policy in place with your courier or delivery service. Make sure you know who is responsible and who covers the cost in case a parcel goes missing or is not delivered properly, in transit.

#2: Clean Fraud

Cybercriminals will do everything they can to get their hands on enough data to commit “clean fraud.” Unlike friendly-fraud, this is always the work of a criminal or criminal organisation. Fraud prevention systems, including 3D Secure, can’t always stop these transactions because the card holder has enough information to get through verification systems.

However there are warning signs, which once detected before an order is fulfilled, means you can reverse a transaction and protect yourself from any more attempts from that card to commit fraud.

  • One large order, from a new customer. Unexpected, out of nowhere, from a customer you have never heard of before. They aim for larger brands – where there is a high percentage of new customers on a regular basis – and small businesses, where they know fraud prevention won’t be as extensive. Robust fraud prevention tools including real-time monitoring can protect your business.
  • Fast shipping is also something a fraudulent customer is more likely to pay for since they are aiming to maximise the amount they can make from a stolen card quickly.
  • Orders from a high-risk country. Orders that come in from Indonesia, Nigeria, Algeria, South Africa, Venezuela, Brazil and Romania currently pose the highest risk for retailers.
  • Multiple shipping addresses, large quantities of same product, or multiple cards from the same IP address. All of these are signs that a fraudster is in a hurry to extract as much money from a card – or batch of cards – as possible.
  • Mismatched shipping and billing addresses. On its own, this should not raise a flag. However, in the context of other concerns, if a customer has two separate addresses, then it is something that is a potential warning sign.

There are several other signs, and fraud detection systems are constantly evolving to counter the threats from friendly and clean fraudsters. Some manual checking is always useful, to ensure you are only fulfilling orders from real customers and not running the risk of chargebacks and other costs.

Online payment fraud is a constant danger, but with the right processes and payment systems, you can reduce the risk to your business and profit margin.

To find out more about the fraud prevention solutions Secure Trading use to protect our customers, contact our team here.

Download our whitepaper on Secure Customer Data: Are You And Your Customers At Risk? for more information on online payment fraud.