Fraud Prevention: The Ultimate Merchant’s Guide
Fraud prevention is a leading concern for many online merchants. When looking at recent stats, it’s easy to understand why.
In short: you can’t afford not to.
Three-quarters of merchants reported increases in both fraud attempts and fraud rates by revenue in 2021, and the average cost of fraud management increased five-fold in just two years. In 2019, eCommerce merchants spent an average of 2% of their annual revenue on fraud prevention. By 2021, that share had grown to 10%.
How can you tell if you’re getting the most out of your fraud prevention efforts? What are your credit card fraud prevention best practices? What fraud prevention solutions and tools can you deploy to protect your business?
In this article we will seek to answer these questions, and also outline some common tactics and discuss lesser-known fraud prevention secrets.
Know These Red Flags
Fraudsters can employ a variety of tactics to scam you out of your money. In another article on the topic of eCommerce fraud, we outline more than a dozen commonly-used tactics like account takeover, new account fraud, triangulation fraud, friendly fraud, and more.
The first step towards preventing fraud is knowing what to look for. Even as criminals’ tactics evolve, there are a few key indicators that remain telltale signs of fraud.
Red flags to watch for include:
New Email Addresses
Did a customer create a new or temporary (“burner”) email address to make a purchase? This may be a sign that the buyer is planning to commit fraud, then disappear.
Fraudsters want to get the most value out of their efforts. To do this, they often buy high-value goods that they can easily flip and turn into liquid cash.
When fraudsters gain access to valid account information, they often submit multiple transactions in quick succession to maximize profits before being discovered.
Fraudsters tend to pick the fastest shipping option. They want the goods to arrive before they’re intercepted. They don’t mind paying extra. After all, it’s not their money.
Buying in Bulk
Again, fraudsters look for opportunities to maximize their efforts. They might pick a model of TV or other item, and order as many as possible before maxing out the account.
The shipping address used by a fraudster will not match the billing address kept on file with the bank, or which you have listed in previous transaction records.
Repeat IP Addresses
If the same IP address is tied to multiple transactions and multiple cards, it’s a sign that the fraudster may be using information stolen from multiple consumers.
These are some of the most common signs of fraudulent activity. Remember, though: this is not an exhaustive list.
Criminals come up with new strategies every day. They’re resourceful, and can learn to leverage new technologies, shopping channels, and industry practices before you identify the threat they pose.
Chargebacks for Dummies
Chargebacks can wreak havoc on your cash flow and profitability. This FREE paperback book is your guide for preventing chargebacks and, when they happen, fighting them more effectively.
Send me my Free Paperback Book!
Fraud Prevention: Best Practices
We’ve examined some of the fraud red flags. Given the volume of orders you process, though, you don’t have the time to manually review every transaction.
Below are some fraud prevention best practices that will help scale your fraud prevention efforts.
Deploy AI and Machine Learning
You can deploy machine learning technology to help determine whether to accept—or reject—a transaction. The technology takes past evidence and data and uses it to refine your decisioning. The more data incorporated, the more accurate and intelligent the decision-making process becomes, which makes further improvements easier to accomplish.
Look for Multiple Data Sources
Your fraud decisioning is going to be skewed if you’re drawing only on your own data. You should try to integrate fraud signals from other data networks beyond just your own. This will help you identify trends faster and be more in-tune with developing fraud threats and tactics.
Authenticate Buyers Based on Risk
For some transactions, indicators like address and geolocation suggest that the buyer poses relatively little risk. Other buyers, however, may require more in-depth screening or even manual review. You should segment lower-risk transactions from riskier ones. This way, you only have to introduce friction when it’s really necessary.
PCI standards are meant to ensure that you’re taking the necessary steps to protect consumer personal data. These security protocols are complicated, but PCI compliance is an important baseline. It protects your customers and insulates you against fraudulent purchases made using stolen data, as well as the PR backlash following a data breach.
Train Staff Properly
Think about your staff as your best line of defense against fraud. You want your staff to be trained properly and to know the warning signs of fraudulent activity, especially when conducting manual reviews of transactions.
Keep Software Up to Date
Outdated software can cause multiple problems. Outdated fraud prevention solutions may fail to intercept new threats. Other outdated technologies can be exploited by fraudsters, potentially compromising your—and your customers’—sensitive information. Keep up with all software updates and patches and deploy them as soon as possible.
Conduct Regular Audits
Don’t simply assume that you’re doing everything you need to in order to protect yourself and your customers. Conduct regular audits of all internal operations to ensure you’re doing what needs to be done. Are you staying up to date with tech changes? Are your employees abiding by your established protocols?
Learn more about best practices
Better Tools. Better Tactics. Better Results. Learn how you can optimize your fraud prevention strategy today.
All the tactics we’ve outlined are important. The tools you use, however, will also impact your fraud prevention plan. Deploying the right fraud prevention tools is as vital as adopting the right internal processes.
Below is a list of common fraud screening tools you can use to identify risky transactions. Many of these tools have been around for years. The newer tools, however, tend to be more effective at preventing fraud because criminals have not had as much time to learn how to bypass them.
Implementing 3-D Secure 2.0 (or 3DS2) provides an added level of security by making sure the buyer is the authorized cardholder.
Learn more about 3-D Secure 2.0
Address Verification Service
Address Verification Service (AVS) helps reduce risk by automatically checking the billing address listed in the transaction against the address registered with the issuing bank.
Learn more about AVS
Tokenization technology allows users to submit a randomized placeholder number (called a token) in place of sensitive personal data. This keeps their information safe from being intercepted.
Learn more about Tokenization
A blacklist helps ban known or probable fraudsters. Whether these individuals are engaging in criminal fraud or friendly fraud, establishing a blacklist can ensure they never cause trouble more than once.
Learn more about chargeback blacklists
Device fingerprinting is a forensic technique used to identify a device. The methodology can gather unique information based on device configurations, hardware and installed software.
Learn more about device fingerprinting
Card Security Code
The card security code is a common authentication tool that helps ensure the shopper has possession of a card. These codes cannot legally be stored by either the merchant or the processor.
Learn more about security codes
Geolocation technology pinpoints the user based on the IP address associated with the order. Comparing the user’s IP address against the information on-file with the issuer lets you verify whether the buyer placed the order from a reasonable location.
Learn more about geolocation
Visa Account Updater
Visa Account Updater is a credit card information clearinghouse that notifies you of updates to cardholders’ accounts. This helps ensure you have the most up-to-date information available.
Learn more about Visa Account Updater
Payments apps like Apple Pay and Google Pay can employ biometric technology as part of a two-factor authentication process. For example, a user may be required to enter a thumbprint/facial scan/etc. to unlock the device; a second positive ID is then needed to authorize a purchase.
Learn more about biometric payments
Velocity limits, or velocity checks, scan for potential fraud based on the rate at which a buyer submits multiple transactions. This allows you to identify suspicious transactions in real time.
Learn more about velocity limits
Learn the #1 Chargeback Management Secret!
This detailed report shows why traditional attempts to combat chargebacks fail and how one fundamental misunderstanding is at the heart of most chargeback management mistakes.
Fraud Prevention: Automated Decisioning & Fraud Scoring
Fraud prevention requires a layered approach. You need multiple fraud prevention tools deployed in a coordinated manner. Each tool has its own strengths and weaknesses.
Using tools that complement one another is what it really means to have a fraud prevention strategy in place. Looking at the longer term, this is the only way to get accurate data, identify relevant fraud prevention KPIs (key performance indicators), and make informed decisions about fraud.
Of course, you don’t have to rely on manual assessments to do this. Fraud scoring technology lets you deploy machine learning to examine each transaction based on an extensive variety of indicators. It also provides simple “up-or-down” decisioning as to whether a purchase should be accepted, rejected, or subjected to further screening.
Many fraud prevention service providers combine tools into a single risk management platform, letting you offload this process entirely. Here are some of the best-known service providers (in no particular order):
Kount’s patented digital fraud prevention solution means fewer chargebacks and declines, plus lower operational costs. It’s used by some of the world’s largest payment service providers, gateways, processors, and acquirers.
Riskified uses machine learning to instantly differentiate between good and bad actors, allowing merchants to approve more orders (with a 100% chargeback guarantee) while providing a frictionless customer experience.
Signifyd offers fraud protection for eCommerce backed by a 100% financial guarantee. Their technology identifies both good and bad consumer behaviors—reducing losses, lowering rejections, and increasing revenue.
Ravelin provides technology and support to help merchants prevent evolving fraud threats, and allow them to accept payments with confidence. They offer machine learning, access to a global fraud network, and more.
SEON reduces the costs, time, and resources lost to fraud. Their modular fraud tools adapt to how you do business and manage risk. You can automate decisioning and accelerate manual reviews to grow your business.
ClearSale is a complete ecommerce fraud protection solution. They combine advanced statistical technology with the world’s largest team of specialized fraud analysts for a balanced, real-world approach.
NoFraud offers eCommerce fraud prevention services through real-time virtual identity verification. They deliver individual, real-time decisions for each transaction (Pass/Fail) using thousands of data points and fraud detection technologies.
Bolt solves the complicated technological challenges involved in checkout, fraud detection, and digital wallets. You can devote your energy to what matters most—growing your product, brand, and customer base.
Fraud Prevention: The Bottom Line
Fraud prevention is about employing the right tools, in a coordinated manner, so they work together and complement one another.
Of course, even with the optimal strategy, tools, and tactics in place, there’s still no way to “fraud-proof” or “chargeback-proof” your business. Criminals get more sophisticated all the time, and staying up-to-date on the latest threats can be a full-time job on its own.
Chargebacks911® offers the most comprehensive chargeback management services and products available on the market today. Our experts are constantly uncovering new fraud threats and developing innovative strategies and technologies to fight back. This applies not only to fraud prevention, but even to hard-to-fight challenges like friendly fraud.
Whatever you need to prevent chargebacks, we can help. Contact us today for a free demo.