Credit Card Fraud Detection Tips 2020
Credit card fraud remains one of the biggest problems to plague ecommerce. For the most part, consumers accept the risk, knowing that they’re protected from liability if someone uses their card without authorization. This protection comes in the form of chargebacks, and merchants end up footing the bill.
Merchants are stuck accepting true fraud chargebacks and eating the associated costs and fees. The only real way to avoid true fraud chargebacks is to identify or prevent fraudulent transactions before they can be completed. How can merchants detect credit card fraud in time to stop it from happening?
Payment cards are easy to use because you only need to transmit a few simple numbers to the bank in order to identify your account and authorize the transaction. This simplicity makes them vulnerable as well, because it’s very hard to practice rigorous data security on a few simple numbers that must be shared with the parties you’re transacting with.
In the card-present space, EMV chips have gone a long way towards reducing in-person fraud. These chips tokenize account numbers, making them less vulnerable to data theft, and cannot be counterfeited as easily as magnetic stripe cards.
In the card-not-present transaction environment of ecommerce, there is no technological solution equivalent to the EMV chip in terms of widespread use and effectiveness. Merchants have no choice but to make use of a wide variety of tools, methodologies, and operational practices if they want to stay ahead of the fraudsters.
Credit card fraud costs the global economy more than $24 billion per year, and the numbers keep going up. Smaller merchants suffer the most from the impact of fraud, and that’s why it’s so important have tools and practices in place to detect fraud in its early stages.
What’s the Difference between Credit Card Fraud and Identity Theft?
One thing that can make it difficult to shape an initial anti-fraud strategy is that there are a lot of different terms in use for different types of fraud, and they tend to get used interchangeably. When we speak of credit card fraud, we’re talking about situations where a payment card has been used to make a purchase without the knowledge or consent of the cardholder. In other words, someone has stolen the card—either the physical card itself or the account number, expiration date, and other necessary payment credentials.
Credit card fraud can originate from a wide range of scenarios, from a thief stealing a credit card from an unattended purse to sophisticated cyberattacks that steal thousands of sets of payment credentials from merchant websites.
Identity theft, on the other hand, involves using somebody’s personal information to open up brand new accounts under their name.
A third type of fraud, account takeover, is when a fraudster gains access to an online account, such as at a bank or ecommerce store, which belongs to somebody else. Account takeover often leads to credit card fraud, as the fraudster may be able to make purchases or steal payment credentials of the account owner had their credit card information stored there.
From a chargebacks perspective, it’s also important to note the specific case of “friendly fraud,” where a customer authorizes a purchase and then disputes the charge under false pretenses. Merchants should always fight friendly fraud chargebacks—with the right evidence, you can get them reversed.
What Are the Essential Tools for eCommerce Fraud Detection?
Data security starts with your foundational hardware and software. Make sure that the platforms you use for processing payments and storing customer data are PCI-DSS compliant, which means they’re up to date with the latest industry standard anti-fraud security measures.
The next step is to utilize some of the basic anti-fraud tools provided by your payment processor, like AVS and CVV verification. This requires purchasers to enter the correct billing address and CVV number associated with the payment card in order to complete a transaction. While some fraudsters will have access to this information, many won’t.
Beyond that, third party anti-fraud tools like Bolt, Kount, and Sift can bolster your defenses by using artificial intelligence and machine learning to identify fraud. These solutions look at data such as geolocation, IP addresses, transaction velocity, and other factors in order to assign a score to transactions that tells you how likely they are to be fraudulent. Merchants can then reject suspicious transactions or scrutinize them more closely before processing.
Merchants can also adopt solutions like 3-D Secure, which adds an additional authentication step for customers to complete. This can make your checkout process a little longer and more involved, but it’s highly effective at stopping fraudsters.
What Else Can Merchants Do To Detect Fraud?
Once technological solutions have been set in place, merchants have only their knowledge, experience, and intuition to help them identify fraud—but these can be powerful resources.
It’s easier to spot the red flags of fraud when the fraudster has to deal with the merchant face-to-face, so once again brick-and-mortar merchants have the advantage here. However, as you get to know your customers and the flow of your business, you will spot indicators and patterns that signify fraud. There may be certain products in your inventory, for example, that have a high resale value and are frequently purchased by fraudsters.
While some merchants may believe they have mastered the art of sniffing out fraud, it never hurts to supplement with some good data science. When you analyze your known true fraud transactions, the data will show you even more indicators and patterns, and may confirm—or dispel—some of your hunches. You can also use the results of your fraud data analysis to inform your fraud scoring thresholds.
True fraud chargebacks are among the worst and most costly type. They can’t be fought, you’re out the money for both the transaction amount and the product you shipped, and it’s often difficult to point to any single vulnerability or operation error that led to it.
With the right tools, training, and experience, chances are better that you’ll be able to catch the subtle signs of fraudsters in the act and block them from doing business with you. It’s no easy task, but it’s one that every merchant has to take on if they want to protect their customers and revenue from bad actors.