Transaction FraudThe Right Information… but the Wrong User

January 25, 2023 | 12 min read

This image was created by artificial intelligence using the following prompts:

Photograph of a thief holding a giant credit card in a city, 90mm, wide angle shot, hyper-realistic, Unreal Engine, UHD, 64k

Transaction Fraud

In a Nutshell

Transaction fraud occurs when stolen credit card data is used for unauthorized purchases. It can hit any seller, from global conglomerates to a kid with a sidewalk lemonade stand. Today, we examine how transaction fraud works, and how it can impact merchants.

What Counts as Transaction Fraud? How Does it Happen & How Can You Prevent It?

Protecting a business from credit card fraud can put merchants in a quandary.

It’s important to prevent fraudulent transactions, but that can easily lead to the decline of some legitimate orders by accident. Merchants want to sniff out fraud before it happens, but too much friction at the checkout can lead to cart abandonment. How are sellers supposed to strike a balance here?

In this post, we look at what everyone means when they say “transaction fraud,” and what red flags one should watch for to spot potential threats. We’ll also offer some helpful tips to keep merchants from becoming victims.

What is Transaction Fraud?

Transaction Fraud

[noun]/tran • zak • SHən • frôd/

Transaction fraud can be any type of purchase which was not authorized by a legitimate user. With credit cards, for instance, transaction fraud usually involves unauthorized use of a victim’s credit card to make purchases.

The term “transaction fraud” is broad. It can really be applied to a wide variety of activities.

Essentially, any fraud scheme involving an exchange of money could be considered a type of transaction fraud. These days, however, the label is typically used as a synonym for payment card fraud, especially in card-not-present environments. In that context, merchants run a risk every time they process a credit card transaction.

There are hundreds of potential fraud & chargeback triggers out there. Are you taking action against them?REQUEST A DEMO

Fraudsters steal cards, account information, or even entire identities, then leverage the data to make unauthorized purchases. The rise of the internet and eCommerce has made this easier. Validating credentials for online orders, when a merchant never meets the buyer face-to-face, is difficult.

For the merchant, the trouble starts when the actual cardholder notices something amiss with their monthly statement. They may contact the merchant, but are more likely to call their bank and initiate a chargeback. At this point, the merchant has little recourse; if they accepted the unauthorized purchase, then they’re liable for the resulting dispute.

How Does Transaction Fraud Work? 

Again, the answer’s a little vague. Even if we narrow transaction fraud to just incidents involving credit cards, there are still several ways it can happen, involving dozens of fraud tactics.

That said, most scams follow a general pattern which requires the thief to illegally obtain account data. The most common sources for this information are phishing attacks and the dark web.

Phishing refers to any means of tricking a targeted individual into revealing personal information, such as passwords and credit card numbers. This can be accomplished through emails purporting to be from reputable sources, phony websites, etc.

In other cases, hackers gain access to stolen account information (through data breaches, for example), then sell cardholder profiles in bulk on the dark web. They may also sell the raw data files, enabling fraudsters to use various bits of information to create their own fake profiles.

For example, a scammer may buy 1,000 Social Security numbers obtained from a cyberattack. Many of these numbers will be invalid, but some will be real. The scammer can then use this information to impersonate a user, get lines of credit, and conduct transactions in the victim’s name.

Common Types of Transaction Fraud

As we mentioned, there are multiple methods for committing transaction fraud. Many involve identity theft, though as we’ll see, not all are based on stealing data.

Here are some of the most common tactics used to leverage stolen cardholder data:

Account Takeover Fraud

Identity theft means the fraudster has gained enough information to totally hijack a cardholder’s online profile. The fraudster locks out the authorized user and makes as many fraudulent purchases as possible before being discovered.

Learn more about account takeover

New Account Fraud

Like ATO fraud, new account fraud occurs when a fraudster adopts a false identity to create a new payment card account. The fraudster makes unauthorized purchases in the fake user’s name, then vanishes.

Learn more about new account fraud

Gift Card Fraud

Gift card numbers can be used for transaction fraud as easily as credit cards can, and with greater anonymity. Gift card balances can be stolen and siphoned to external accounts, or used for fraudulent purchases or money laundering.

Learn more about gift card fraud

Triangulation Fraud

In triangulation fraud, a fraudster poses as a real online store, tricking cardholders into making purchases. The fraudster then uses a fake account to fulfill the order through a legit merchant, keeping the actual funds from the purchase.

Learn more about triangulation fraud

Buy Now, Pay Later Fraud

“Buy now, pay later” (BNPL) became popular during the COVID-19 pandemic. Fraudsters use false credentials to qualify for the BNPL option, then either don’t pay at all or pay using stolen cardholder information.

Learn more about BNPL fraud

Of course, these are just a couple of examples. There is no end to the ways transaction fraud can happen, and cybercriminals are constantly inventing new techniques.

Why is Transaction Fraud a Growing Threat?

All types of credit card fraud are on the rise, and much of the blame can be tied to the internet.

Online shopping is a boon to both merchants and cardholders. But of course, the elements that make it easy for consumers can also aid fraudsters. The speed, accessibility, and anonymity of the internet have made fraud easier than ever.

For starters, more people than ever are shopping online. The greater the volume of transactions, the easier it is to slip fraud through the cracks. There’s also the fact that customers demand a fast, frictionless experience. Merchants are understandably hesitant to implement fraud-prevention technology that may slow things down and lead to cart abandonment.

It’s possible to prevent transaction fraud… as well as fraud that manifests itself after the purchase. We can help.REQUEST A DEMO

More consumers are also now storing personal information online. From bank apps and in-store loyalty programs to product registrations and smart appliance configurations, the internet is one big data smorgasbord as far as hackers are concerned. 

There are some security protocols in place, of course. That said, online information simply cannot be made 100% safe from fraud.

For every data breach that makes the news, there are dozens of smaller ones that happen around the globe. And, once stolen, much of this personal data ends up on the dark web for fraudsters to access and use.

Finally, card-not-present shopping has given rise to a new transaction threat: first-person (or “friendly”) fraud. Whether it is the result of a misunderstanding or a deliberate attempt to “cyber-shoplift,” filing unwarranted chargebacks is still fraud.

How Much Transaction Fraud is Too Much?

No one wants to lose money to fraud (obviously). But, keeping one’s revenue safe is not that simple. If we’re talking about transaction fraud, we also have to talk about the disputes resulting from that fraud.

Transaction fraud often leads to chargebacks that rob the merchant of much more than just the cost of the order. Beyond a refund, chargebacks mean merchants lose the actual merchandise, and have to reimburse shipping costs, pay additional chargeback fees, and more.

Also, each of the major card networks sets predetermined limits for how many chargebacks a merchant can receive as a share of their total transactions. This chargeback rate, or “ratio,” is used by banks and card networks to gauge the risk they feel the business represents. If the ratio gets too high, the merchant may be subject to additional oversight or increased processing costs. In worst-case scenarios, the retailer may lose the ability to accept credit cards at all.


A merchant’s chargeback rate is the key indicator that determines how much transaction fraud is “too much.”

Historically, the rule has been that merchants were fine if their chargeback rate was 1% or below. Nowadays, card networks may take action at any point they believe the merchant poses a threat. And rather than risk the network getting involved, the merchant’s bank may simply cancel the account at the first sign of trouble.

Learn more about chargeback rates

How Does Transaction Fraud Detection Work?

The best way to avoid the pain of transaction fraud is to not let it happen in the first place. The best fraud detection methods use AI data analysis and machine learning to monitor and assess transactions, complemented by informed human decisioning.

Fraud scoring tools can calculate hundreds of data points in seconds, comparing them to established risk thresholds in real-time. This is all done without causing undue friction during the customer checkout process.

“Safe” scores mean the purchase proceeds. Transactions with higher scores, however, imply potential fraud. In these cases, the transaction may need additional validation (fingerprint, code sent via SMS, etc.) on the part of the cardholder.

What about borderline cases, though? Here, the merchant may be alerted to the transaction and make a manual transaction review to decide whether to accept or deny the order.

Of course, fraud scoring doesn’t work on its own. You need a full, multilayer suite of fraud detection tools to give you the most accurate, reliable data regarding fraud threats and indicators.

Learn more about fraud detection tools

Top 4 Transaction Fraud Prevention Best Practices

While banks and cardholders have some responsibility, it’s really merchants that are on the front lines of transaction fraud prevention. And because fraud isn’t a singular, self-contained threat, it’s crucial to deploy the right practices to prevent fraud and protect themselves against the resulting losses.

What should merchants do to ensure they’re protected? Here are the top four most fundamental fraud prevention best practices to adopt:

Transaction Fraud

Keep Software Up to Date

Outdated fraud prevention solutions may fail to intercept new threats, and may even be exploited by fraudsters. Keep up with all software updates and patches and implement them as soon as possible.

Transaction Fraud

Conduct Regular Audits

Regular audits of all internal operations help ensure they’re running at peak performance. This might include staying up-to-date on tech changes and ensuring employees abide by fraud prevention protocols.

Transaction Fraud

Learn to Recognize Fraud “Red Flags”

Fraudsters are too smart to leave any smoking guns that would indicate a problem. That’s why merchants should give extra oversight to any transaction that is larger than normal, comes from an unfamiliar customer, ships to an address that can’t be verified using AVS, or raises other fraud red flags.

Transaction Fraud

Authenticate Buyers Based on Risk

Some orders may need more in-depth screening or even a manual review to verify the buyer’s identity. Merchants need to use tools to segment lower-risk transactions from riskier ones, thus introducing friction only when it’s necessary.

A Last Word on Transaction Fraud

That's a solid starting point. However, it's going to take a lot more effort for merchants to be sure that they’re doing everything they should to mitigate risk. 

Preventing credit card transaction fraud isn’t a simple matter of using one or two basic tools. Neither is it a “one-and-done” proposition. Prevention is an ongoing, evolving, and multilayer practice that requires constant attention. 

That’s why most merchants find a much greater ROI outsourcing chargeback management to a third-party provider like Chargebacks911.

Using proprietary tools and processes, we help merchants identify fraud sources and reduce occurrences, enabling long-term chargeback reduction. Contact us today to learn more.


What is transaction fraud?

Transaction fraud can be any type of purchase which was not authorized by a legitimate user. With credit cards, for instance, transaction fraud usually involves unauthorized use of a victim’s credit card to make purchases. This would include purchases on lost or stolen cards, or on cards that were illegally obtained. It also covers account takeover, identity theft, and other situations in which card use is deemed “fraudulent” by the issuer or card network.

What makes a transaction fraudulent?

Simply put: if a transaction was not explicitly authorized by the cardholder or another authorized user, it is considered fraud.

How do you identify transaction fraud?

Typical indicators of transaction fraud include unverifiable or inconsistent personal information, awkward use of language, or unusually large orders. You should also double-check purchases with the same card but different shipping addresses, or different cards using the same shipping address. Large orders where the payment is divided across different cards can be a red flag, especially if they don’t share the same verified billing address information.

How should merchants handle fraudulent transactions?

The best way to handle fraud transactions is to prevent them. If you suspect a purchase is fraudulent, you might first reach out to the customer. If that doesn’t work, hold off on shipping the order until you can talk to the buyer and confirm. If the situation can’t be resolved to your satisfaction, decline the sale. It’s better to decline a valid sale than approve a fraudulent transaction.

Like What You're Reading? Join our newsletter and stay up to date on the latest in payments and eCommerce trends.
Newsletter Signup
We’ll run the numbers; You’ll see the savings.
Please share a few details and we'll connect with you!
Over 18,000 companies recovered revenue with products from Chargebacks911
Close Form