Ecommerce Fraud

The Rising Threat of Organized Ecommerce Fraud

With an increasing number of retail sales taking place online, it’s more common than ever for a company to fall victim to a fraudulent transaction. Ecommerce fraud occurs when a bad actor (fraudster) completes an online transaction using a stolen payment instrument. The most familiar version of ecommerce fraud is using stolen credit card information to make a purchase, but ecommerce fraud can occur in a variety of ways, from hackers accessing a customer’s profile to actual consumers placing an order then disputing the payment with their credit card company. No matter the method, ecommerce fraud is a costly problem for online merchants.

Ecommerce fraud rose by 30% from 2017 to 2018. The cost of fraud is on the rise, too. For each dollar a company loses to ecommerce fraud, they’re paying nearly $3 in return. That means enterprises are losing 1.8% of their revenue on average every year. With $2.84 trillion in online sales last year, that’s a loss of $435 billion for companies.

The number of successful fraud attempts continues to rise and are quickly outpacing those that are prevented. Online retailers need to take steps to prevent fraud, but legacy fraud management platforms fall short. They’re unable to differentiate fraudsters from real customers, they slow down security teams, and if they do catch fraud, it’s often after the fact.

Shortcomings of Legacy Ecommerce Fraud Management Platforms

Rather than collecting a diverse set of data points from a customer’s personal and digital identity, legacy ecommerce fraud prevention platforms primarily survey consumer supplied identity and payment data. Consumer supplied data like email, name, physical address, and payment data don’t provide a full picture of consumer activity, and there is nothing to prevent a user from providing stolen information which makes it much harder for security teams to identify behavior that would indicate an instance of fraud.

Personally identifiable information (PII) is frequently stolen by fraudsters, and without a complete view of the consumer journey, security teams struggle to prevent fraudsters using easily sourced PII data to complete unauthorized transactions.

Lastly, legacy ecommerce fraud prevention platforms lack automation capabilities for big data and rely on dedicated teams to manually review potential red flags, and update the system. Not only does this require hours of additional effort, it means that fraud is often caught retroactively after inventory is already lost.

Best Practices for Ecommerce Fraud Prevention

For ecommerce enterprises to protect themselves against revenue lost to fraud, it’s crucial to employ solutions that give a detailed picture of customer activity and catch fraud before it happens.

Security teams have embraced the following ecommerce fraud prevention best practices that help retailers mitigate revenue lost to chargebacks, promo abuse, and card testing fraud.

1. Create comprehensive customer profiles: When a customer logs in to their account they leave behind digital and personal data that security teams can analyze to reveal patterns in customer behavior. Patterns help security teams uncover inconsistencies in customer activity that are indicative of fraud. To build comprehensive profiles, enterprise retailers collect a customer’s digital identity and personal data. Digital identity data includes the customers IP address, common devices, and other digital identifiers, while personal identity data includes information manually submitted by the user. Security teams can leverage
   the library of data to identify warning signs of fraud.
2. Identify warning signs of fraud: To detect and prevent fraud, retailers should identify common types of fraud and set up rules to flag suspicious activity. Common warning signs of fraud include purchases that do not match a customer’s typical geolocation, excessive distance between a customer’s billing and shipping address, repeat order disputes, and a spike in small orders with a high rate of authorization failures. Security teams can flag inconsistencies in customer behavior within their fraud management platform via rules or machine learning models to detect and prevent ecommerce fraud.
3. Layer fraud prevention and detection technologies: Comprehensive fraud management strategies utilize a layered stack of prevention and detection technologies. When enterprise retailers use a combination of rules engines, 3rd party data services, device intelligence, behavioral data, and machine learning the security team is able to adapt to new trends in fraudulent behavior, identify and prevent fraud in real-time, and reduce time spent on manual review.

Clear definitions of fraudulent activity, layered fraud prevention technologies, and comprehensive customer profiles empower retail enterprises to accurately detect and prevent fraud.

Identify, Detect, and Prevent Ecommerce Fraud

As global online retail sales climb each year, e-commerce fraud will continue to be a threat to a business’s security and revenue. With billions of dollars of revenue at stake, retailers can no longer afford to take a reactive approach to catch fraud. Legacy fraud management platforms haven’t kept up with the evolving ecommerce experience and don’t provide adequate security against a growing number of sophisticated fraud rings.

Retailers can proactively catch fraudulent transactions by creating comprehensive customer profiles, identifying unusual behavioral patterns and implementing layered prevention and detection technologies to reduce the number of instances that require manual review.

Precognitive partners with ecommerce enterprises to manage and prevent fraud and ensure account security. Powered by behavioral analytics, machine learning, and device intelligence, Precognitive’s platform surveys thousands of data points in real-time to accurately identify fraudsters. Simultaneous fraud detection and prevention reduces the need for time-consuming manual intervention and ensures comprehensive security.