With more than 40 million recently compromised credit cards available to fraudsters, merchants are faced with the challenge of preventing the use of these cards on their Web sites. What once was considered a rather insignificant cost of doing business online, has become a highly organized and profitable criminal endeavor. With worldwide credit card fraud surpassing US$2.5 billion last year alone, merchants must be prepared to fight off more fraud than ever.
There are however, certain things that merchants can do to reduce their exposure to fraud. Following are five fundamental methods to successfully reduce fraud.
1. Track Chargebacks. When a chargeback is received, it should immediately be matched to the original transaction record. This will provide valuable insight into how fraud was perpetrated, and will arm merchants with the necessary information to reduce future chargebacks. This research might also unveil that a chargeback is not actually related to fraud, but rather the result of a pervasive customer service issue that needs to be addressed, such as incorrect product listings or delayed shipments.
2. Create a Fraud Team. It is paramount that a merchant create a well-trained team whose sole function is to combat fraud. A small group of highly trained investigators will quickly become adept at discovering anomalistic transactions and should be encouraged to use any legitimate means to accomplish their investigations, even when those means lie outside the bounds of standard corporate protocol. This includes using non-network computers to research the fraudster underworld, or having access to engineering resources to implement necessary changes to the fraud mechanism.
Daily meetings should be de rigueur for the fraud team, to disseminate late breaking attacks, and should include a member of the executive when possible, to communicate unfolding issues to the decision makers within the company. These meetings should not just cover details about blocked attempts, but more importantly, should detail every loss in order to prevent similar scenarios in the future.
3. Proper Tools. Fraud-detecting software is the merchant’s first filter for highlighting possible fraud. Any investigation team can only review transactions that the fraud solution displays. If a fraud solution does not flag the appropriate set of suspect transactions, even the best team of investigators will fail. Conversely, if a solution presents too many transactions for review, the investigation team will waste valuable time reviewing benign transactions.
Any fraud prevention solution must be regularly updated to capture the latest fraud attacks without overwhelming the investigation team. Updates should include: tuning the risk algorithms, updating hot lists, and collecting new data points for analysis.
4. Gather Better Data. If a police investigation were limited to only three elements — hair color, eye color and weight — the success of the investigation would be extremely low. Imagine if descriptions regarding gender or height, which are fundamental to any normal investigation, were not even available to the investigators. Without this data, the police might never find the appropriate suspect, or might spend an inordinate amount of time vetting all of the law-abiding citizens that match the same three criteria as the perpetrator.
Similarly, many merchants attempt to detect fraud without utilizing all the elements of a transaction to enhance the accuracy of their investigation. Most merchants are sitting on a wealth of transaction data that is regularly being used by marketing, sales and finance to both increase and optimize business. This same data should be harnessed to increase the depth of an investigation, even if it does not appear pertinent to the practice of fraud detection on the surface. Merchants must think creatively about how to capture and use every available piece of data to increase detection.
5. Non-Intrusive. For years, cardholders have been told that they are not liable for any fraudulent purchases. While this provides security for the cardholders, the merchants are left holding the bag. Meanwhile, if a customer is required to jump through too many “verification” hoops to complete a transaction, they might simply take their business elsewhere. Merchants must be able to validate transactions without insulting the customer experience. Merchants that can provide their customers with an effortless buying process and who can perform exceptional fraud detection will be the ones who ultimately succeed.
Any fraud prevention solution or methodology must be assessed in terms of its overall benefit to the merchant. A stalwart solution that reduces fraud, but negatively impacts the customer experience — either by increasing “false positives” or by delaying order fulfillment, might be as dangerous to the well-being of a company as an ineffective fraud solution. The ultimate key to successfully combating fraud is to take a holistic approach when implementing a fraud solution and to remain vigilant to developing threats.
David Britton is the director of Professional Services, e-Commerce for Scottsdale, Ariz.-based The 41st Parameter, a provider of invisible online fraud prevention and authentication solutions.