A Merchant's Guide to Online Fraud Detection
Fraud is a constant problem for e-commerce merchants, causing revenue loss, reputational harm, and costly chargebacks. Merchants can minimize fraud by coming up with a prevention strategy and using effective anti-fraud tools to support their efforts.
Anti-fraud software is a fast-developing market, with a wide variety of solutions designed to detect and block online fraud in real time. These are powerful tools, but you have to understand their limitations and know how to deploy them properly. What is online fraud detection, and how does it fit into a merchant’s overall strategy for preventing fraud and chargebacks?
Credit card fraud went up by more than 44% in 2020, driven in no small part by increased reliance on e-commerce shopping during COVID times. At the same time, merchants are finding themselves assailed with greater frequency than ever by phishing messages, credential stuffing attacks, and other attempts to gain access to user accounts and the privileged data they contain.
If you’re conducting sales online, the fraudsters are already at your doorstep, and if you can’t hold them off the consequences can be devastating.
Chargebacks are far from the only painful consequence of fraud, but chargebacks alone can illustrate just how expensive and dangerous fraud can be. Every cardholder has the right to dispute fraudulent charges made on their cards; these disputes result in valid chargebacks that will always be upheld if the merchant contests them.
With every chargeback you’re on the hook for the purchase amount, the cost of the merchandise, various chargeback fees, and your related overhead, making the typical cost of a chargeback more than two and a half times the original transaction amount.
Worst of all, each chargeback causes your chargeback rate to go up, a metric that your acquirer monitors at the behest of the card networks. Carry an excess of chargebacks for too long, and you can be penalized with additional fees or even lose your merchant account. The only way to stop true fraud chargebacks is to prevent them from happening in the first place, which is why online fraud detection can be a key element in an effective chargeback prevention strategy.
How Does Online Fraud Detection Work?
An online fraud detection solution works by scrutinizing your transaction data for fraud indicators. Usually, this is not done a single time or continuously, but at several key stages in the transaction process
While online fraud detection focuses on detecting credit card fraud—the unauthorized use of a stolen credit card number—most solutions will examine other aspects of user behavior, device information, geolocation, and other factors that might help paint a more accurate picture of whether or not fraud is happening. These solutions are often classified as SaaS and cloud-hosted by the provider.
Detection-based solutions usually work by assigning a point value to every fraud indicator they detect. Before the transaction can be finalized, the online fraud detection tool will total up the points and decide, based on the final score, whether to allow the transaction or take some other action.
Transactions that are clearly fraudulent may be blocked outright, but for others, it may be appropriate to subject them to manual review or challenge the customer to provide additional information to confirm their identity. Tools that function in this way may also be referred to as “fraud filters.”
Typically, online fraud detection solutions will use machine learning technology to improve their fraud detection algorithm and scoring system over time. This is important because false positives—instances where legitimate transactions are mistakenly categorized as fraud—can end up becoming a significant problem in their own right if you aren’t careful.
What Do Merchants Need to Know About Using Online Fraud Detection?
The important thing to keep in mind with online fraud detection is that it isn’t a set-it-and-forget-it solution, it’s a balancing act: an ongoing process that has to be monitored, evaluated, and adjusted on a frequent basis in order to generate desirable results.
The goal is to keep your online fraud detection tool configured so that it’s producing positive ROI by successfully blocking actual fraud with minimal false positives. To achieve this, you have to monitor your solution’s performance, analyze your transaction data, and listen to customer feedback. Many customers will simply abandon their carts and leave without a word if their transaction is erroneously rejected, so be grateful for customers who take the time to let you know when they’re experiencing this.
If your false positives rate is too high, you might need to make your filtering criteria less strict, or at least direct more transactions to challenges or manual review instead of outright rejection.
Good online fraud detection tools should be able to integrate well with other payment and security solutions you’re using. Detection is more effective when it’s supported with other safe practices, like using two-factor authentication methods and 3-D Secure. One thing to look for is a tool that monitors signup and login activity to detect signs of new account fraud or account takeover attacks. These events may not lead directly to chargebacks, but they can be extremely harmful to your customers and damaging to your brand reputation when they occur.
Online fraud detection can be an important part of your chargeback prevention plans, but it’s not a killer app when it comes to stopping true fraud chargebacks. While artificial intelligence can be amazingly effective at picking up on the subtle clues that fraud is transpiring, the fact is that real customers frequently engage in weird idiosyncratic behavior while fraudsters are doing everything they can to look completely normal.
Relying too heavily on detection and filtering as your primary mode of defense will always leave you in a position where you’re alienating customers and still not achieving perfect fraud prevention.
To choose the right solution and keep it optimally configured, you have to know your customers and how they act, and you also have to understand where the fraudsters who target you are coming from and what their preferred methodologies are. Even so, you’ll still need to work from a strategy that includes process and policy-based practices for fraud reduction, along with clear guidance for dealing with friendly fraud and other chargebacks that don’t result from unauthorized credit card use.