A new report says losses tied to fraudulent e-commerce activity will reach US$2.8 billion this year as professional scammers target fast-growing e-tail sites that are too large to manually verify each purchase but haven’t yet implemented sophisticated anti-fraud measures.
CyberSource, which offers payment solutions and fraud detection solutions, said its 7th annual survey of e-commerce providers finds that fraud will rise 8 percent over 2004 levels. The increases come after several years during which fraud rates were being kept in check.
Fraud loss rates will be as high as 1.8 percent of revenue for mid-sized merchants — those with sales of $5 million to $25 million. That group saw the largest jump in expected losses to fraud such as purchases made with stolen credit card numbers.
Doug Schwegman, director of market and customer intelligence for CyberSource, told the E-Commerce Times that companies in that segment are likely just coming onto the radar screens of professional fraudsters.
“Smaller merchants can manually verify every purchase, but there comes a point in their growth when that’s no longer practical,” Schwegman said. “The companies realize they can’t just keep adding bodies to keep up with the volume of sales. No one is going to allow an e-commerce division to hire as many people as it would take to check all purchases.”
The largest companies, meanwhile, are likely to have more sophisticated anti-fraud systems in place. Those same companies, however, may also be at greater risk for fraud because they are more likely to have significant international sales, which are among those that have the highest rates of fraud, with a 2.4 percent fraud rate compared to around 1 percent for all domestic sales.
The small firm segment — those with sales of less than $5 million annually — fared the best in terms of keeping fraud low, largely because they are able to monitor their sales more carefully, Schwegman speculated.
The fraud survey, which is based on input from more than 140 companies with e-commerce operations, comes as a cautious reminder to merchants just as the most important eight weeks of the e-commerce year leading up to the Christmas holiday, begin.
Tried and True
Bruce Frymire, director of corporate communications at CyberSource, said there doesn’t appear to be any single trend or new approach to fraud that will help explain the 8 percent increase to $2.8 billion in fraud losses, which is based on the survey and on the Forrester forecast for 2005 online sales.
“A lot of it comes back to the tried and true methods of stealing peoples’ wallets and purses or buying credit card numbers online,” he told the E-Commerce Times. Many large-scale fraudulent purchases are tested first, Frymire said, and if successful are quickly followed by a flood of additional purchases. “There are a lot of programs out there that will help detect that. But a lot of companies in that medium size category may not have arrived at that point yet.”
Schwegman said several factors will drive more e-tailers to boost their internal fraud protections. In some cases, large merchants who have high fraud rates will be forced to take steps by credit card companies to reduce those rates. But usually, the merchants are motivated by a desire to protect their bottom line.
For that reason, sensitivity to fraud often varies based on the profit margin and cost of sales at any given e-tailer. Those with thin margins will see their profits hurt by relatively few fraudulent purchases, while those with more room for error can absorb more.
The rise of identity theft and the fraud that accompanies it has long been seen as a threat to e-commerce growth from the consumer perspective. With complaints of identity theft and phishing attacks on the rise, analysts theorize, some consumers may shy away from buying online.
A recent report from the Pew Internet & American Life Project, in fact, said some consumers had begun to change their habits recently as a result of the rise of phishing and similar attacks aimed at capturing sensitive information, with some steering clear of Web sites they were not familiar with or referred to.
The CyberSource report, meanwhile, suggests another way that the e-commerce industry can lose revenue to fraud: As they work to ferret out unauthorized purchases, many retailers inadvertently block some legitimate sales.
CyberSource said the most popular automated approaches to stopping fraud are address verification system, used by 75 percent of merchants surveyed, and card verification number systems, which two-thirds of all merchants used. Specific verification tools from credit card issuers are also gaining in popularity.