Merchants should know how to prevent eCommerce fraud quickly and easily. If they don’t, they will spend too many resources dealing with the problem. Eventually, their core business will suffer.
Ecommerce sales will reach the $3.5 billion dollar mark in 2019. However, while that’s definitely cause to celebrate, it also comes with a huge caveat — fraudsters are paying attention. As the amount of money that goes through the system increases, the incentive to learn how to steal a piece of it grows as well.
The types of payment fraud scams fraudsters use to take advantage of the system evolve constantly. There is no quick fix merchants can take to prevent eCommerce fraud. But following several best practices can help to reduce the risk.
- Use Industry Specific Risk Modeling
- Avoid Merchant Errors
- Have a Plan to Scale Fraud Prevention Properly
- Watch out for Phishing Attacks
- Find Vendor Specific Tools
- Keep Detailed Order Recordsy
- Use Address Verification Services (AVS)
- Check the Card Verification Value (CVV)
- Ensure PCI Compliance
- Understand Chargeback Reason Codes
10 Best Practices to Prevent Ecommerce Fraud
Use Industry Specific Risk Modeling
Different industries and verticals experience different fraud patterns. Fraud prevention vendor Precognitive stresses the importance of understanding what fraud looks like in their specific niche. Merchants should review their own data to find relevant patterns and trends instead of relying on general patterns.
Avoid Merchant Errors
Chargebacks911 estimates that 20%-40% of chargebacks occur because of merchant error. Avoid things like unclear billing descriptors or confusing return policies that can frustrate legitimate customers.
Have a Plan to Scale Fraud Prevention Properly
Growing businesses are a growing target to fraudsters. Merchants should monitor their fraud data, and have a plan to manage scale. Nanoleaf, a merchant selling a highly-niche and “cool” product suggests merchants use their chargeback rate, administrative costs, and the costs of lost goods as benchmarks for when to take action.
Watch out for Phishing Attacks
Fraudsters often embed spyware in malicious links sent via email. This practice is known as “phishing”. According to research by Avanan, one in every 99 emails is a phishing attack. Email platforms do not do enough to protect businesses. Employees should never respond to an email asking for money or credentials.
Find Vendor Specific Tools
Fraud prevention solutions often offer their own services to help prevent fraud on specific eCommerce platforms. Often, they draw on data about how fraudsters target that site specifically. For example, a number of tools offer services to Shopify users.
Keep Detailed Order Records
Merchants can fight chargebacks. However, it requires proving correct order shipment and receipt. This requires a lot of information. Keep shipping records on file. Require customers to sign for packages. Provide clear billing descriptors. Document every touch point with customers. You can use them later to fight friendly fraud.
Use Address Verification Services
Address Verification Services (AVS) checks to see if the credit card billing address a customer enters at checkout matches the address the card’s issuing bank has on file for the card.
Check the Card Verification Value (CVV)
Card Verification Value (CVV) requires a customer to provide a separate three or four digit identifying code that is physically written on their credit card when they make a purchase. It is illegal for merchants to keep CVV data on file.
Ensure PCI Compliance
PCI compliant means following the Payment Card Industry Security Standards Council’s rules to protect eCommerce customer data. All online merchants merchants are required to comply with them. The Security Standards Council website has information on how to remain compliant. You can also use it to keep up to date on any changes.
Understand Chargeback Reason Codes
Chargebacks all have the same result. However, they occur in different ways. Card issuers make distinctions between methods. Each one has a different chargeback reason code. These differences matter when disputing the chargeback. If you don’t know them, you won’t succeed.
Use Tools to Supplement Best Practices
Finally, pay attention to account takeover fraud. In an ATO attack, fraudsters gain access to a corporate email account, which they then use to impersonate executive, steal employee credentials, and more. Although merchants often focus on chargebacks, this kind of direct theft happens frequently as well. Often times, the overall damage done by these attacks can be even worse.
All things considered, merchants need to use a combination of best practices and eCommerce fraud prevention tools. Many different types of tools exist, including fraud platforms, chargeback management services, and payment solutions.
You will never eliminate all fraud. However, if you take the task seriously you can do a lot to reduce its impact on your bottom line as much as possible.