How eCommerce Sites can stay ahead of Frauds this Holiday Season
By John
With global phone users reaching over 5.1 billion as at January 2019, means more people will be shopping online on mobile devices, which raises a huge risk for eCommerce fraud this season!
And as Black Friday Sales is just around the corner, so are cyber-criminals perfecting their strategies to hit it big on the biggest day of shopping this season. The sheer number of credit-ready traffic to the major retailers makes Black Friday the ideal attack vector for cyber-criminals.
Then, how can eCommerce Sites stay ahead of the Fraud threats this Holiday Season? Firstly, let us define what qualifies as eCommerce fraud.
What constitutes eCommerce Fraud?
When cyber-criminals utilizes stolen or fraudulently acquired credit card information to complete transactions via eCommerce sites or retail points is an eCommerce fraud.
Also known as purchase fraud, eCommerce fraud occurs when a bad actor approaches a retailer or merchant and proposes a transaction using fraudulently acquired means such as stolen or fake credit cards to pay for it, which leaves the merchant with failed payment for the sales made.
The menace of eCommerce fraud is gaining huge traction as a result of the rise in mobile technologies, new payment methods, and processing systems, with online store owners unknowingly opening doors to new forms of fraud everyday.
Such online frauds are now possible as some eCommerce sites store users information in insecure ways. And this open doors to hackers to steal the users’ information, including credit card details, in turn spurring the growth of card-not-present (CNP) frauds.
Different facets of Online Frauds
In order to be able to prevent or minimize fraud, you’ll need to know the different types of online frauds you are most likely going to encounter as an online retailer or eCommerce site owner. Now, let’s elaborate on the two most common types of eCommerce fraud known today.
1. Familiar Fraud
This kind of fraud happens when a customer pays for a product with their credit card, but issues a charge-back on the purchase, which is usually deliberate, by claiming the item was not received or they never made the purchase.
Albeit, the familiar fraud can also happen based on customers error, so to prevent the occurrence due to errors, make sure your eCommerce site’s credit card descriptors matches with your business name. As charge-back fraud happens atimes because customers didn’t recognize the company on their card statements.
Additionally, you should only use shipping with item tracking, which can be used as prove if customers approach you asking for refund to failed delivery; it’s perhaps the best evidence to prove the products were delivered to them. And ensure you have a clear refund, and return policies for your online store.
2. Clean Fraud
Clean fraud is when an item is purchased with a stolen credit card, which fraud has recently graduated to the advanced hackers league as it requires some actually advance skills to work it.
The cyber-criminal uses information about the cardholder with the stolen card, and that makes it look like legitimate transactions with billing, shipping, and IP addresses complete and verified data.
This type of fraud is pretty hard to spot because the data is correct, and smaller retailers without effective fraud check and prevention software are more likely to suffer for clean fraud.
How eCommerce sites can Prevent the Major types of Online Frauds
While no preventive system is 100% fool-proof, there are several steps you can take to minimize the occurrence of fraud to the barest level.
1. Implement SSL/HTTPS
Nowadays, it will be quite unbelievable that any eCommerce site have not implemented SSL/HTTPS, as this is just the basics for all websites, not just eCommerce.
The SSL encryption protocol enable the information transmitted by users on your site to remain confidential from eavesdropping or prying eyes because the communications between your browser and the server can be intercepted if it is not encrypted.
2. Use Third-party Payment Processors
As the cost of security could be on the high side, it is recommended that if you cannot afford top-notch security systems, use third-party payment processors.
As the payment processor specializes in handling online payments and make money off the sales, it’s in their interest to keep their system secure to ensure your store’s payments is also secure.
3. Keep all Software up to date
Always ensure that the software used to run your online store is up to date and running the latest version. As the software are updated to kill bugs and vulnerabilities which fraudulent actors can leverage to break into your systems.
The software providers are often hard at work in improving the security of their products, so make sure you are up to date with the updates.
4. Use Address Verification System
The Address Verification System (AVS) is what ensures that the billing address of purchase matches that on the credit card. And it also make sure the Credit Code Verification (CVV), which is the security code printed on credit cards, is not stored in the data holds.
Also, this system ensures the customer will need to have physical credit card to make any purchase.
5. Deploy Fraud Detection software
This is basically a solution that helps detect high-risk transactions. The fraud detection software uses algorithm-based analysis to assess the potential risk of every transaction.
It detect high-risk transactions and also analyze the risk factors in order to prevent or minimize fraudulent activities on your online store.
How to manually spot a fraudulent order
As the security systems are never 100% fraud-proof, it is highly recommended that you hire security experts to check for suspicious transactions. Though it may require extra time, but it sure will save you a lot of sleepless nights and lost revenues. Find below some signs to watch out for in potentially fraudulent transactions.
1. Multiple Cards on single IP address
When there are multiple orders using different cards, but from same IP address, raises a red flag! This means the transactions have been placed from same computer.
And if they have different names and shipping addresses, that is a more serious flag, indicating that the multiple orders are from same person.
2. Several Transactions within a short time
If multiple transactions is received form same person, this is a possible sign that a criminal is attempting to run up stolen cards’ credit line as fast as possible before the account is blocked.
So, always watch out for such signals from an individual customer placing several orders rather too quickly.
3. Large Quantity of Same product
Try to double-check transactions that involve large quantity of the same product.
Just as orders with multiple addresses, buying multiple items all at once of the same kind, is a sure way of matching out stolen credit cards as quickly as possible.
Conclusion
Always check manually for more suspicious transactions, though it takes a bit of time, but it can save a lot of cash for you and of course, sleepless nights.
While the cost of fraud prevention can be high, but after all, making the most of the holiday shopping sales will be most reassuring, so you should ensure that fraud is reduced to the barest minimum for your online store.