How to Detect FraudExposing & Stopping Scams Before They Happen

Let’s say someone tries to make five or six purchases on your website within a half-hour of logging on. That could point to a fraudster trying to get the most use out of a stolen credit card before being discovered.

With velocity check systems in place, things like rapid transaction attempts, multiple failed payments, or excessive orders from the same user can be flagged as potential card testing. Suspicious orders can then be cross-referenced against customer buying history.

Geolocation data can pinpoint irregularities related to the IP address where a card-not-present (CNP) transaction originated. In other words, you’re using GPS or IP data installed on the buyer’s devices to help verify customers’ identities. 

This means you can flag transactions from high-risk countries, mismatched billing/shipping locations, or the use of VPNs/proxies. And, if the transaction details don’t match a cardholder’s known location, there’s a decent chance that the buyer isn’t actually the cardholder at all.

Knowledge about a browser can be combined with hardware data to create what we call a device’s “fingerprint.” Each bit of information helps create a unique picture of the device, like the lines of a human fingerprint.

Device fingerprinting can help you pinpoint suspicious activity that may suggest fraud. For example, repeat fraudsters may use different accounts to commit multiple crimes. If all those originate from the same IP address, however, you’ll know something is fishy.

Behavioral fraud detection uses AI to analyze consumer behavioral patterns, comparing data points like usual login times or typical transaction types. Everything from cursor movements to mouse usage to typing rhythms can be used to construct a general profile to compare transactions against.

The profile is used for comparison purposes only; you won’t get the details, just the results. While it may sound a little “Big Brother”-ish, behavioral analysis can often discern patterns that might escape human notice.

Reverse email lookups are a fast, simple way to verify suspicious transaction attempts. Looking up a customer by the email address they give will bring back the sender’s name, plus expose online histories, phone numbers, and other personal details that are publicly available over the internet.

Less of a detection method than a validation technique, reverse email lookups enable you to double-check a transaction attempt that other tools have flagged for a manual review.

The card validation code (CCV or CVV) is a three- or four-digit value printed on the signature panel of credit cards. The code is transmitted as part of the order information, but is not stored by the seller; the only way to get ahold of it is to copy it off the card.

Having access to this code indicates the would-be buyer is an authorized user who, most likely, has the physical card in their possession. 

The Address Verification Service, or AVS, works by checking the given address of a credit card against the address the bank has on file.

If the address provided by the buyer matches the address on file with the bank, then it’s probably an authorized user on the other end of the transaction. If there’s a mismatch, it may suggest that the buyer is a fraudster.

Link analysis helps you spot fraud by identifying links or relationships between accounts that otherwise seem unrelated. Different accounts using the same shipping address, for example, or using the same payment methods.

A fraudster may have multiple accounts on your platform, or may exchange stolen information with other crooks. When you identify a fraudulent account, link analysis can help you discover if it’s part of a larger fraud ring, or is somehow connected to known fraudsters.

3-D Secure (3DS) is a multi-factor authentication (MFA) tool, meaning the user needs more than just a simple password to access their account. At checkout, 3DS directs your customer to a verification page, where they validate their identity by entering a unique password, an SMS code, or a temporary PIN.

MFA helps reduce fraud for transactions where a card isn’t physically present. Plus, if you’re using 3DS and fraud does occur, liability typically falls on the issuer, not you.

Machine learning falls under the category of artificial intelligence; the main difference is in the word “learning.” Starting with a database full of details from both fraudulent and non-fraudulent transactions, machine learning can compare every new order against what it already knows.

Data points are cross-referenced with those of the previous transactions to gauge the validity of an order. Any new information coming from that interaction is then fed back into the database, increasing the system’s accuracy over time.

Blacklists are databases built to predict fraud based on previous interactions. Whenever fraudulent activity is identified, details are recorded on the blacklist. Future transactions are compared to that list, and any order using those same details is declined.

Automatic addition to the blacklist can be based on anything from IP address or card number to an entire country or region. A  fraud whitelist is similar. Instead of banning certain people, though, a whitelist blocks everyone except those matching select criteria.

Chargeback alerts help proactively resolve customer disputes before a chargeback is officially filed. This advanced warning system enables you to refund a disputed transaction and avoid the chargeback altogether.

When you receive a chargeback alert, you’ll have between 24-72 hours to give the cardholder their money back. Since chargebacks can’t be filed on a refunded purchase, the dispute is automatically closed. Alerts can also help you identify serial disputers; friendly fraudsters who repeatedly steal by abusing the chargeback system.

Sometimes, the surest way to detect fraud is to manually review the order. Human eyes can miss patterns that AI might catch, but they can also recognize nuances and rationales better than the most sophisticated computers.

Of course, you can’t logistically review every order by hand. What you can do, however, is set thresholds that flag orders requiring human verification before processing. Parameters can be set for ticket value, country or region of origin, and so on.

One of the best ways to avoid fraud is to validate the customer’s identity before the transaction is complete. Certain software programs can effectively identify potential fraudsters by cross-checking customer details with publicly available information.

This can include obvious data such as email address, phone number and IP address. But searching through social media and contributor sites can provide additional verification information. Face recognition, for example, analyzes facial features to find matches or differences. Name matching consists of making sure names used by the buyer match across different sources, including alternate spellings.

Fraudsters need an ongoing supply of new payment details to sustain their trade. They may purchase lists of stolen card numbers, but they can also randomly generate Bank Identification Numbers in hopes of stumbling across a legitimate card.

A valid card number, however, still requires the crook to create bogus cardholder details. Card BIN lookups compare as much card information as possible against specific databases, searching for red flags like an IP address that doesn’t match the BIN location.

Fraud scoring refers to quantifying the level of risk involved in a transaction. Machine learning technology examines each transaction based on dozens of different indicators — dollar value, product category, AVS response, and so on — then assigns a simple numeric score representing the transaction's risk level.

Points are added or subtracted according to predetermined rules. Depending how you’ve set your rules for fraud scoring, these red flags might automatically accept an order, reject it outright, or flag it for manual review.

That abandoned shopping cart on your site with $4,000 worth of product? It’s probably a fraudster. One way crooks test stolen card numbers is by loading up their cart and attempting to check out. 

If the sale goes through, great; they’ve just stolen a cart’s worth of goods from you. If it doesn’t, the fraudster simply moves on. So, be suspicious of actions like frequent cart abandonment, adding/removing large items, or rapid changes in shipping addresses.

Believe it or not, those could be an intentional trick to try and bypass your email’s security filters. 

Also, fraudsters know that savvy recipients will likely spot bad spelling/grammar right off the bat, and recognize the message as fake. Scammers don’t care, because those folks aren’t the target; they want more gullible victims, who might feel that typos make the email seem authentic.

In some instances, the destination of an order can be the clearest indicator of fraud. Personal or business names that use separate addresses for billing and shipping could potentially indicate fraud. Be sure to compare against previous orders.

You’ll also want to flag orders going to freight forwarders, PO boxes, or  reshipping hubs. And, be on the lookout for a large number of people using the same delivery address, or a single buyer shipping orders to multiple addresses.

Most modern fraud detection tools incorporate some sort of AI analytics to assess which transactions are most likely to result in a chargeback. Analyzing large datasets in real-time, such systems can also identify hidden patterns and transactional anomalies your human team might miss.

Machine learning algorithms continuously learn from past transactions and successful chargeback representations. AI-based systems can both adapt to evolving fraud tactics and also look for and implement constantly changing chargeback rules and new regulations.