• Latest
These Main Order Variables Indicate Fraud—But How Can We Tell Fraud From Good Customer Behavior?

How to Reduce Chargeback Risk

July 3, 2022
Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

March 28, 2023
How to Strengthen Your Small Business’s Defenses Against Identity Theft

How to Strengthen Your Small Business’s Defenses Against Identity Theft

March 23, 2023
How Companies Can Avoid Zero-Party Data Fraud

How Companies Can Avoid Zero-Party Data Fraud

March 13, 2023
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: How to Stop Return Policy Abuse Fraud (Pt. 2)

February 22, 2023
Germany’s Fraud Prevention Firm Hawk AI to Focus on Global Expansion with $17M Series B

Germany’s Fraud Prevention Firm Hawk AI to Focus on Global Expansion with $17M Series B

February 15, 2023
Merchant Fraud Journal Releases Biggest Annual Fraud Trends Report Yet with Insights from 16 Leading Payment and Fraud Solutions

Merchant Fraud Journal Releases Biggest Annual Fraud Trends Report Yet with Insights from 16 Leading Payment and Fraud Solutions

February 7, 2023
Curbing emerging fraud types with network intelligence and data enrichment

Curbing emerging fraud types with network intelligence and data enrichment

January 31, 2023
Policy Abuse Fraud: What Is It and How to Protect Against It

nSure.ai Delivers Growth to Digital Commerce Leaders and Boosts YoY Revenue by 280%

January 25, 2023
Fraugster and Refurbed partner to increase approval rates and reduce fraud for refurbished electronics marketplace

Sift Appoints Former Ping Identity COO Kris Nagel as CEO

January 20, 2023
Veridos Announces Innovatrics as Strategic Partner for Advanced DNA ID Verification

Veridos Announces Innovatrics as Strategic Partner for Advanced DNA ID Verification

January 19, 2023
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: How to Stop Return Policy Abuse Fraud

January 10, 2023
How to Write a Strong Chargeback Policy: Tips to Help You Protect Your Business

How to Write a Strong Chargeback Policy: Tips to Help You Protect Your Business

January 6, 2023
  • Contribute
  • Contact Us
  • About
  • Join Us
  • Advertise
Wednesday, March 29, 2023
Merchant Fraud Journal
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
Merchant Fraud Journal
No Result
View All Result

How to Reduce Chargeback Risk

by Bradley
July 3, 2022
in Articles, Chargebacks
These Main Order Variables Indicate Fraud—But How Can We Tell Fraud From Good Customer Behavior?

Unfortunately, the need to reduce chargeback risk is an inescapable consequence of accepting card payments, especially in this digital age. It is predicted that merchants will collectively lose over $20 billion USD to chargebacks this year, with the majority of those claims being due to fraud. That’s where we come in.

We need to mitigate the chargeback risk of the fraudulent disputes that are issued against orders and purchases made from our companies. We need to stop them before they even happen… but how do we do this?

A single cure for these chargebacks does not exist. Effective solutions depend on the type fraud that is responsible for the dispute. This article will walk you through some general protective measures that you should take and some additional methods you could use to further safeguard your platform from specific types of payment fraud.

Let’s start with the universal protections that all e-commerce businesses should have in place.

Reduce chargeback risk with two-factor authentication

As common as two-factor authentication has become, there are still many companies that have no authentication processes in place. There has been a stigma surrounding 2FA and customer friction for years. In the beginning, yes, it was true. Customers were reluctant to use 2FA due to increased friction. However, times have changed and the world has moved online. Consumers have not only grown to be used to 2FA processes, they have come to expect and even appreciate them.

The key to keeping 2FA from creating any additional friction is to restrict its use to necessary actions and triggers.

Always have 2FA initiated during the creation of a new account. Have the customer verify their phone number immediately. Although there are workarounds, non-professional fraudsters will not go through the effort of doing so.

As for their email address, you can either do so right at that point, as well, or you can give the customer some time to do it. If you go the latter route, you can have the customer verify their email before their second or third order.

The reason you might choose to verify the customer’s email later is to limit the actions a customer must take to place their first order. You would be allowing the customer to verify their email on their own time, when they can get to it later on. Doing so will also reduce the risk of temporary email addresses being used for multiple orders on an account.

3DS / PSD2: Legislative requirements to reduce chargeback risk

3DS is sending additional data at the time of payment to verify that the purchaser is the card holder. PSD2 is basically the same thing but with extra security and less friction for the customer. In many countries, these are legislated and required.

If you are able and do not want these on every transaction, you could apply them based on the risk posed by the account and the order. Risk scores may be developed and used where greater risk scores have different actions against them. For example, on a risk scale of 1-100, scores above 50 could receive 3DS/PSD2 and those above 80 could be prevented from ordering all together.

Using either one of these will shift the liability away from the merchant and you will no longer have any chargeback risk. However, if you still have too many, even with the liability shift, you can still end up on an issuer’s monitoring program. We all know that using these will not eliminate chargeback risk entirely, but they will help and by you time to do so using other tools and methods.

3rd-party chargeback risk prevention solution

I highly recommend using a chargeback prevention solution but have listed them as optional. They are not an absolute necessity if you can do what you would need them to do in-house.

There are many solutions to reduce chargeback risk available on the market. Most of them have one strong selling feature that they focus upon with their marketing, followed by several general features that most of them have, like rule engines and risk scoring.

Some of these key prevention features include behavioral analytics, graph network analysis, anonymous data sharing and more.

Be sure that the main feature will compliment and enhance your present fraud prevention processes. They must work with them and do more than you are able to. The integration must be easy enough to not include too much development work. Finally, the pricing must make sense to the value of the fraud prevention. You do not want to pay more than what you are saving.

Following those general tools being in place, you’ll want to reduce chargeback risk by attacking each type of payment fraud in their own, unique way.

The risk of chargebacks from payment card fraud

These fraudulent transactions are what most often comes to mind when someone thinks of the risk of chargeback fraud. Bad actors use stolen credit card credentials to make purchases. They use these cards for various schemes using many different techniques.

Typically, merchants try to prevent card fraud with velocity rules. Industry AI and machine learning uses rules but they develop and revise very rapidly analyzing massive amounts of data in a very short amount of time.

In-house rules are effective for preventing chargebacks when added. But because they are static, you need to stay on top of things and continuously update them. If you set thresholds on order count, order value, card count or card failures, fraudsters will learn what they are and simply set their limits to be right below them. There is nothing wrong with using these rules. Set your maximums and remember to review them often.

[optin-monster-inline slug=”dvzjzd6yfp77f5n85mxn”]

Network blindspots

On top of rules that look at individual objects, you need to observe your network and what is going on across accounts. Look at activities across connecting data points. Do connected accounts have chargebacks? Do they have a lot of cards added very quickly? How about an abnormally high number of failed or even successful transactions in a short period of time? Are they all younger accounts? Have your preventions effect them all.

Watch for oddities and activities that should not be happening, such as foreign nations where you do not operate placing orders. Keep your eyes open for name, phone number, order value and email patterns. Catch imbalances like addresses appearing within specific time-frames more than their IP or phone numbers do. Check through the technical details and look into any pattern involving any anomalies like missing details or older versions.

Observe the behavioral patterns of these fraudsters. Are they copying and pasting information? Does the gyroscopic data of their device show no movement? Are all of the clicks and taps too accurate and too similar? Are they moving through pages at an exceptional speed? Is an account placing multiple orders to different addresses? These are all indicators of the bad behavior we are battling.

You have to do the work to reduce chargeback risk by seeing what is going on within your network. Don’t forget that you have to analyze the good and the bad customers to find behavioral differences. Know your customer to know your fraudster. They will not appear the same, no matter how hard a fraudster tries to hide.

Account Takeover (ATO)

Account takeover is a type of payment fraud where an existing account is accessed by an unauthorized individual for unapproved purposes. By the time one of these is reported, it is already too late and we have to react to the need to reduce chargeback risk—and a whole lot more (such as money being directly wired to fraudulent accounts). You do not want things to get to that point.

We are all aware of the basics around preventing formjacking. Rate limits on the velocity of login attempts from certain details are common. Monitoring occurs at endpoints for excessive traffic. We watch for unique or standout background details like user agent, emulators, browsers and more. For these alerts, we want to block the logins.

Additionally to those, there are other indicators at the account level that are available to us to help us be proactive in our defense.

The key indicator to an ATO is new. New device, new device type, new IP, new geo-location, new language… Different combinations of new, new, new.

With an ATO, seeing as how many services are offered globally and anyone can place an order for anyone they would like both to and from anywhere in the world, you don’t want to prevent these orders unless you are quite certain that they are an ATO. With this type of activity, we want to bring in part of the 2FA process and challenge the customer to identify themselves before processing the transaction.

Weak account protection

I do not recommend using a one-time password. Those can be intercepted through social engineering. What I would suggest is an SMS push with a very long and random unique one-time URL for the customer to click on that will pass them through the process and complete their order. It is much more difficult for a bad actor to get such a link or URL from a customer through social engineering than a 4 to 8 digit OTP. If they do not click the link, you should lock-down the account, ending all sessions and force a password reset once they are able to pass the challenge.

Because ATO makes it so easy to commit chargebacks and other types of fraud, fraudsters will try to change account details to be able to pass these challenges and gain access to an account. An additional layer of protection should be 2FA upon account change requests, as well. Verify the phone number if they wish to change their email address. Do the same with their email address if they wish to change their phone number.

Upon discovering an ATO attack, be sure that the devices used cannot commit another one.

Friendly fraud chargeback risk

Friendly fraud chargeback risk is the hardest to prevent. It costs at least $130 billion per year, because genuine card holders decide to file a false dispute on their charge—something essentially impossible to detect the first time. These chargebacks happen unexpectedly, out of the blue. There is no way to proactively detect that this is going to happen unless they are a repeat offender. That is hard, because it’s difficult to uncover the repetition unless they share points of collected personal identifying information. Only then can you prevent them before they do it again.

When it comes to these offenders, they will always get away with their first one, unless you represent the claim and win, but that costs a lot of time and money.

Ideally, you would block the customer’s identity on your own. However, that ability does not exist today. We need the assistance of issuers to do so, which they do not currently provide.


This article was contributed by Shawn Colpitts, Senior Fraud Investigator at Just Eat Takeaway.com

ShareTweetShareSend
Previous Post

Commercial Real Estate Cybersecurity

Next Post

New Podcast: How to choose an e-commerce fraud solution in 2022 and beyond

Next Post
New Podcast Episode: Walls of Thieving Cellphones with Nethone

New Podcast: How to choose an e-commerce fraud solution in 2022 and beyond

Our Latest Reports

2022 Chargeback Consumer Survey Report

Fraud Prevention Tactics that Enable Exceptional Customer Experience

Addressing Payment Fraud and The Customer Experience in 2022

2022 Fraud Trends Report

ATO Fraud In Retail Report

2022 Customer Experience Report

3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue

Digital Trust And Safety Report: Combating the Evolving Complexities of Payment Fraud

On-Demand Webinars

Balancing Customer Experience and Fraud Prevention: What’s the Secret?

Stopping Fraud Across the Customer Lifecycle

Addressing Payment Fraud and the Customer Experience in 2022

 

Get the 2023 Fraud Trends Report

Search Our Site

No Result
View All Result

Our Sponsors

Featured Directory Listings

  • logo
    NoFraud
  • SEON. Fraud Fighters
  • sift logo
    Sift
  • Signifyd
  • Ekata
  • Microsoft Dynamics 365 Fraud Protection
  • PayRetailers
  • Spotrisk

Our Sponsors

Fraud Industry News

Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

Moving identity authentication earlier in customer flow is top of mind at MRC Vegas 2023:

March 28, 2023
How to Strengthen Your Small Business’s Defenses Against Identity Theft

How to Strengthen Your Small Business’s Defenses Against Identity Theft

March 23, 2023
How Companies Can Avoid Zero-Party Data Fraud

How Companies Can Avoid Zero-Party Data Fraud

March 13, 2023

Connect With Us

Quick Navigation

  • Home
  • News
  • Join Us
  • About Us
  • Contact Us
  • Advertise
  • Contribute
  • Privacy Policy

The Payments Media Network

Merchant Fraud Journal
Payments Review

Privacy Policy

Our Privacy Policy
Our Terms of Use

Resources

  • Articles
  • eCommerce Fraud Reports
  • eCommerce Fraud Webinars
  • Training and Certifications
  • Jobs Board
  • Associations and Non-Profits
  • Podcasts
  • Vendor Directory

Popular Posts

  • How to File a Claim With FedEx + What To Do If Claim is Denied

    How to File a Claim With FedEx + What To Do If Claim is Denied

    0 shares
    Share 0 Tweet 0
  • How Does Two-Factor Authentication (2FA) Work?

    0 shares
    Share 0 Tweet 0
  • Top eCommerce Fraud Prevention Companies

    0 shares
    Share 0 Tweet 0
  • The Best Reverse Email Lookup Tools in 2022 (with pricing)

    0 shares
    Share 0 Tweet 0

Featured Vendors

  • NoFraud
  • SEON. Fraud Fighters
  • Sift
  • Signifyd
  • Ekata
  • Microsoft Dynamics 365 Fraud Protection
  • PayRetailers
  • Spotrisk

Download the 2023 Fraud Trends Report

No Result
View All Result
  • About Merchant Fraud Journal
    • Interested in Contributing or Guest Posting to Merchant Fraud Journal?
  • Advertise on Merchant Fraud Journal
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Contact Us
  • Download Addressing Payment Fraud and Customer Experience Report
  • Download Chargebacks Consumer Survey Report 2022
  • Download Evolving Complexities of Payment Fraud Report
  • Download Fraud Prevention Tactics that Enable Exceptional Customer Experiences Report
  • Download Merchant Fraud Journal 2023 Fraud Trends Report
  • Download the 2020 Chargeback and Representment Report
  • Download the 2020 Merchant Fraud Journal Vendor Guide
  • Download the 2021 Fraud Trends Report
  • Download the 2022 Fraud Trends Report
  • Download the 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue Report
  • Download the MFJ 2022 Customer Experience Report
  • Download the MFJ ATO in Retail Report
  • Home
  • Job Dashboard
  • Join The Merchant Fraud Journal Community
  • Merchant Fraud Journal Advertising Agreement
  • MFJ Fraud Trends Report Giveaway
  • News
  • Post a Job
  • Privacy Policy
  • Resources
    • 2020 Chargeback Representment Guide for Merchants
    • 2020 Vendor Guide
    • 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue
    • Addressing Payment Fraud and the Customer Experience in 2022
    • Associations and Non-Profits
    • ATO Fraud In Retail Report
    • Balancing Customer Experience and Fraud Prevention: What’s the Secret?
    • Chargebacks Consumer Survey Report 2022
    • Digital Trust & Safety: Combating the Evolving Complexities of Payment Fraud
    • eCommerce Fraud Reports
    • eCommerce Fraud Webinars
    • Fraud Prevention Tactics that Enable Exceptional Customer Experiences
    • Fraud Prevention Training and Certifications
    • How to Build a Recession Proof Chargeback Prevention Strategy
    • How to Stop Fraud During the 2022 Holiday Season
    • Jobs Board
    • Merchant Fraud Journal 2023 Fraud Trends Report
    • Merchant Fraud Journal’s Fraud Trends 2020 Report
    • Merchant Fraud Journal’s Fraud Trends 2021 Report
    • Merchant Fraud Journal’s Fraud Trends 2022 Report
    • MFJ’s 2022 Customer Experience Report
    • Podcasts
    • Prevent High-Velocity Fraud Attacks During the 2021 Holiday Season
    • Stopping Fraud Across the Customer Lifecycle
    • Vendor Directory
    • Webinar – Addressing Payment Fraud and the Customer Experience in 2022
    • Webinar – Mitigating Fraud and Risk on the ACH Network
    • Win January Chargeback Disputes
  • Subscribed
  • Terms and Conditions

© 2021 Payments Media Solutions Canada Inc.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?