The Internet was supposed to allow us to have a world without borders. A world in which a guy in New Jersey could buy tea from London and sweaters from Switzerland with a few simple keystrokes.
Unfortunately, the borderless nature of the World Wide Web — arguably the attribute that makes it so attractive to electronic commerce — has become one of the most dangerous things about it.
How pervasive is cybercrime? The answer is in the numbers. Of the 20,000-plus complaints sent to the FBI’s Internet Fraud Complaint Center in a six-month period, 64.1 percent were directly related to online auctions.
Another 22 percent involved merchandise and/or payments that were not delivered, while credit card fraud accounted for about 5 percent of the toll.
Critical hotspots for online fraud are California (where the FBI said there are more Internet criminals and victims than anywhere else in the U.S.), Florida, Texas, Pennsylvania and New York.
The FBI got a lot of complaints in which the victim lost US$100,000 or more — one complaint involved losses in excess of $366,000. The average loss for online auction fraud victims was $200, the FBI said.
While that may not sound like a huge loss, losing $200 was probably enough to discourage a whole bunch of consumers from giving online transactions a second chance.
And therein lies the rub for all of us. Clever cybercriminals are increasingly striking just as e-commerce steadies itself from the recent shakeout, and just as the world population is finally coming online en masse.
If left unchecked, Internet fraud could slow or stop the ongoing surge of new e-shoppers logging on to buy.
That Which Divides Us
Just as world powers are grappling with the problem of how to conduct business electronically on an international scale, with various tax laws, language barriers and disagreements about jurisdiction, Internet fraud may be the common denominator that brings them together.
Last week, the U.S. Federal Trade Commission (FTC) announced an agreement with 12 other countries to create a database that will target online crime. The participating countries plan to pool their resources to track and catch perpetrators of Internet fraud.
The FTC’s announcement sends two key messages. First, the world powers recognize electronic commerce as viable and credible. Second, the volume of electronic business and associated crime is significant enough to merit an international effort.
As usual, there will be a contingent of observers who object to any level of governmental involvement in regulating online business, but this time their cries will likely go unheard, and rightfully so.
Clearly, as e-commerce grows, so will the opportunities for consumers and merchants to be victimized. That means that right now, merchants must be especially diligent.
Law enforcement agencies point to several red flags that Web merchants are apparently failing to see. For example, merchants need to be on alert for such things as shipping and billing addresses that do not match and for orders that are being sent to high-risk international locations.
Credit card companies enable merchants to check addresses quickly and easily on cardholder orders. Even so, some Web merchants are not doing so.
According to a March survey from the Worldwide E-Commerce Fraud Prevention Network, only 10 percent of respondents believe fraud is their most significant problem. Without a doubt, Web merchants need to get serious about online fraud right now, admit that it’s a problem and take some basic actions to stem the tide.
Fraud, it seems, does not just happen. It is often allowed to happen.
What do you think? Let’s talk about it.
Note: The opinions expressed by our columnists are their own and do not necesarily reflect the views of the E-Commerce Times or its management.
AVS is fine for billing verification. As a means to limit fraud, it leaves much to be desired. Restricting customer delivery options is an easy way to send customers scurrying off to the brick and mortar shops. Imagine an online florist trying to work within the model you’re proposing. How much money is he likely to make? Think about it. I’m at work (accepting deliveries)all day, I’m going to send my package to my home where there’s no one to receive it(or perhaps I’m to remain at “the billing address” until it arrives)? Once the courier misses me, I’m going to ride to “the Lost City” to pick it up? Maybe once, but after that the bricks look pretty good to me.
The banking systems outside of the US do not provide AVS, although there are some very select providers outside the US – AZ Bertelsmann Direct (direct marketer in Germany) for Germany, AUstria and Switzerland.
AVS IS NOT in my opinion the way to manage on-line credit card fraud risk. A multi-phase strategy (our company has FIVE) helps to detect, prevent and prosecute (goodness forbid).
The AVS that US merchants use to verify addresses is only available in the USA. It is my understanding that the UK has a similar way to verify UK cards but you would need a UK payment processor. European countries are pushing to use the new cvvs form of verification for credit card purchases. Unfortunately the use of the Internet to sell goods and services are in its infancy stages and thieves seem to have the upper hand on most companies and individuals that are trying to expand their sales to include a worldwide base. Since most companies have inadequate protection, law enforcement is also put at a disadvantage. Al Cameron Credit/Loss Prevention Manager Digital River, Inc.
Trustmark companies such as Trust-e, BBB Online (Better Business Bureau), ConsumerTrust are ensuring that the merchants exist, and are reliable and ethical. It also includes privacy policies to protect consumers.
Traditional business with weak internal controls will have themselves dealing with employee frauds. Singapore Airlines in Singapore, Alan Bond’s Case in Australia and many others, are just the some of the cases that have been reported. E-commerce, on the other hand, at its infancy, exposes not only its weak links internally but also externally because this is the World wide web we are talking about here. And there is never going to be a 100% web. Therefore it is unfair to say that “fraud is allowed to happen”. Rather, I believe, in my most humble opinion, that it’s just a matter of whether or not your firm is being a target and how strongs your deterrants are.
I have a question to ask all of the readers. I know in the article it is mentioned that ecommerce sites can verify the billing address for a credit card. I use the procedure to verify US billing address’ however I have been told that you cannot verify international ones. Does anyone know how to do this, is there even a way to do it? Thanks for any help you may be able to give me.