How to Use Velocity Checks as an Effective Fraud Tool
Table of Contents
- What Is Velocity Checking?
- How Does Velocity Checking Reduce Fraud and Chargebacks?
- Frequently Asked Questions
There’s no magic bullet that can stop eCommerce fraud. When a cyber-criminal has all the right payment credentials, there might not be any single dead giveaway that they’re not actually the cardholder. Instead, you have to look at multiple data points, and analyze the transaction in its context. That’s where techniques like velocity checking come into play.
As fraud evolves and becomes more sophisticated, you see more of these fraudsters with airtight credentials, and it takes a varied set of tactics to detect them. How can merchants make velocity checking an effective element in their overall anti-fraud strategy?
Fraud is a big problem for eCommerce merchants, and it just keeps growing. 2020 saw a 9% increase in monthly fraud attacks over the previous year, and nearly every successful fraud attack turns into a chargeback that costs the merchant revenue, fees, and an increase to their chargeback ratio.
Legitimate true fraud chargebacks can’t be fought, merchants have to accept them—which means that the only way to stop them is to prevent fraudulent transactions from happening in the first place. That’s why a strong anti-fraud strategy is the cornerstone of any good chargeback management plan.
Defeating fraud requires the right tools, an effective plan, and human intelligence. By helping merchants identify fraud through patterns of user behavior, rather than specific data points, velocity checking serves an essential role in detecting the fraud that slips past authentication checks and other verifiers of identity.
What is Velocity Checking?
Velocity checking is the process of analyzing your transaction data to see how frequently certain data points recur. This allows you to recognize patterns of normal user behavior, and deviations from those patterns may indicate fraud.
Here’s an example: velocity checking might flag an instance of a single customer submitting multiple orders within a single day. While that may not be unusual customer behavior for some merchants, it’s also a common sign of fraud.
A velocity checking tool, integrated with your CRM, would flag these orders for review before processing payment. The merchant could then call or email the customer to verify whether they actually placed multiple orders.
As sophisticated as today’s fraudsters can be, it’s still quite common to see them deluge a merchant with multiple transactions in a short period of time, because that’s often the most efficient way to maximize the profit from a stolen credit card.
Most fraudsters don’t steal the payment credentials themselves—they trade or purchase blocks of stolen credentials on the dark web and other illicit markets. They don’t know whether any given card number will work or if it’s been maxed out or reported as stolen already.
The best way for them to find out if it will work at all is to test it with a small purchase. This is called card testing, and when the fraudster gets a successful transaction, the best way for them to get as much money as they can out of the card is to stick with what works and keep submitting orders to the same merchant.
Profiting from card theft is a numbers game: the fraudster may experience many failed transactions and cancelled orders, but it all pays off when they find the lucky combination of a card that works and a merchant with weak anti-fraud security. You do not want to be that merchant, and processes like velocity checking can stop fraudsters who rely on card testing and multiple orders.
How Does Velocity Checking Reduce Fraud and Chargebacks?
Velocity checking doesn’t stop at catching multiple orders from the same account. It can monitor IP addresses, device signatures, billing and shipping addresses, or any other element of transaction data. Depending on the situation, not all data is equal when it comes to velocity checking. Fraudsters may go to some length to conceal the fact that they’re targeting the merchant for fraud, and monitoring the transaction frequency by user ID alone won’t catch a fraudster who creates multiple fake user accounts for the same stolen credit card. Each data point can provide an indication of fraud, but each can also be bypassed, so tracking multiple data points is crucial for effective velocity checking.
IP address checks will catch multiple cards and accounts being used from the same computer, but can be bypassed with a VPN. Device signature can do the same and is harder to bypass, but it's not foolproof either. Multiple transactions with the same shipping address can be an effective way to catch a fraudster ordering physical goods, but with modern shipment tracking, a fraudster could have packages delivered to multiple nearby locations and simply be ready to pick them up off the doorstep when they arrive. Velocity checking by card number is very effective at limiting the total damage, but fraudsters will often have multiple card numbers at their disposal, so weak fraud protection outside this can still leave a merchant extremely vulnerable.
By looking for recurrences of multiple data points at various intervals, velocity checking can help merchants refine the fraud filters and screening procedures they use to flag orders for manual review. If your velocity checking tool picks up on the fact that a regular customer has suddenly placed an order from an IP address thousands of miles away from their home, with a brand-new shipping address that doesn’t match either location, you don’t need to wait for multiple orders to come in before contacting that customer for further verification.
Just as with any other anti-fraud tool, there is some risk that velocity checking will generate false positives and flag legitimate orders as fraud.
This can be especially problematic if automated processes automatically cancel or reject these orders, or if your manual review processes take a long time to resolve.
Anti-fraud tools always carry some risk of causing friction with your actual customers, especially when they rely on subjective analyses of behavior patterns. Merchants must monitor these tools closely, adjust their settings as needed, and have a process in place for quickly attempting to verify any flagged orders. If it takes several hours before you're checking to confirm an order flagged for manual review, you may find that the customer has already made their purchase elsewhere, or has decided it's not worth the hassle.
When you can reach out to a customer through their verified contact information and get them to confirm that they did not, in fact, place a suspicious order, you can avoid the chargeback that would follow from completing that transaction. In addition, so long as this confirmation takes place immediately, you'll find most customer aren't bothered by the additional verification, and may even be happy to know that your business has such anti-fraud measures in place.
When a fraudster gets a hold of a stolen payment card that works, the race is on to run up as many charges on it as possible before it gets maxed out or reported. As clever as cyber-criminals can be, this predictable greedy behavior will often cause them to reveal themselves to detection methods such as velocity checking. It should be a required part of every merchant’s anti-fraud toolkit, along with other reliable defenses like AVS and CVV verification.
If you’re not sure where to get started with all of these tools and methods, keep in mind that fraud protection is a crucial part of defending against chargebacks. Chargeback management firms like Chargeback Gurus can always help with implementing these tools and getting them to work harmoniously with your existing systems.
What is IP velocity?
What does card velocity mean?