E-commerce and MOTO- You’ve got a target on your back.
Fraudsters are very adaptable types and they are ever searching for new and unique ways to get what they want. It seems like they are always one step ahead of any safeguards people are using to keep themselves safe and they are quick to adapt to changing times. With the adoption of EMV it has become harder to accomplish credit card fraud at brick and mortar stores. This has caused resourceful fraudsters to move to the e-commerce and m-commerce realm and target online merchants more and more. Add to that the fact that consumers are more connected than ever, are being free with their personal, private information all over the place online through social media and do much more of their purchasing through e-commerce avenues. Visa has estimated that the total e-commerce spending will double from $1.7 trillion in 2015 to $3.5 trillion by 2019. There are currently about 4.9 billion connected devices that they believe will jump to 25 billion connected devices by the year 2020.
Let’s face it, WE buy online, with our mobile devices and through our apps. These ingredients have created a virtual smorgasbord of information for the taking for the morally challenged. Seriously, there are over 644 thousand phishing emails sent every minute. The result has turned 2016 into a banner year for credit card fraud.
Credit card fraud in general leapt to an all time high in 2016, but while Point of Sale incidence was virtually unchanged from the 2014 and 2015 numbers, Card-Not-Present (CNP) fraud, specifically, saw one of the most significant increases with a 40% jump over the year prior.
E-commerce merchants: some sacrifice security rather than inconvenience their customers.
With so many businesses in this arena fraud can run rampant. Consider the fact the this is the easiest space for the fraudster to accomplish their goals. They are hidden behind anonymity. As long as they have a credit card number with the expiration date and the security code from that card they can purchase whatever they want. They do not have to show an ID, no one can see their face. There is no one on the other end of the line trying to verify if the person using the card is the person who actually owns the card.
But there are a few ways you can protect your business from fraud. If you implement just a few practices you can greatly reduce the instances of a fraudulent charge and help to deter these sales from going through and costing you and the consumer a lot of money.
First and foremost implement fraud solutions.
Make sure your cart utilizes the CVV code verification. While thieves can also attain this number the use of it will deter fraudulent sales from the ones who do not have it.
You should always be using Address Verification Service(AVS). This automatically compares the address entered for the card with the address on file with the card issuer. The purchase will automatically be flagged when the addresses do not match.
You may want to consider installing 3D Secure technologies. 3D Secure technologies implementation such as Verified by Visa and MasterCard SecureCode offers an extra layer of protection for cardholders and merchants. This means that there are 3 domains where the secure credentials are checked before the purchase. The cardholder must set up his or her Verified By Visa or MasterCard SecureCode credentials first, then the customer is asked to enter the additional password after checkout completion to “verify” they are truly the cardholder. The information is being checked 3 times, by acquiring bank (retailer’s bank), the issuing bank (the cardholder’s bank) and the infrastructure that supports the 3D Secure protocol. This ultimately shifts the liability of fraud and chargebacks from your business onto the card issuing bank. There are a few pros and cons to using this and you will have to consider your sales volume and chargeback rate among other things to decide if this is right for your business model.
Often times hackers get a whole list of credit card numbers but they do not have the name or any other information on the cardholders. Requiring a user account setup means that they would have to make up a name, password, address, security questions. This would make it easier to verify that the account information does not match the card in use.
This could help deter the would-be fraudster from continuing to try to make a purchase on your site and ultimately lower your incidents of fraud.
Pay attention to your actual sales information
A few instances that could raise some red flags that there may be fraudulent purchases being made will be right there in the purchase. Does the address related to the card match the address where they want the goods shipped? While once in awhile you will have an instance where someone bought something for someone else and is having it shipped directly to them this really isn’t very common. Is it an uncommonly large purchase compared to your normal ticket value? And when it comes to shipping, are they buying it with a card that is issued in America but are having it shipped to a foreign country? Did they request and pay extra for rush shipping. If you suspect there might be fraud you can try to verify that the card matches the buyer. Call the customer directly if you have captured their phone number and ask if they made this purchase. You can also try calling your merchant service provider and verifying that the address matches the address for the card.
Lastly, make sure you are keeping up with your PCI compliance.
PCI Compliance is the Payment Card Industry’s Data Security Standard (PCI DSS). These standards and requirements were created to help ensure that all online merchants (and their customers) are protected from fraud and data breaches. A critical first step to protecting your e-Commerce business is achieving and maintaining your compliance via the PCI Compliance Guide.
In the busy world of business ownership we can get all too tied up with just running our business. But considering that CNP fraud makes up 45% of all card fraud in the U.S. coupled with the fact that fraud costs on average $2.40 for every dollar lost due to fraud it’s an important point to dedicate some of your attention to. According to Al Pascual, director of fraud and security at Javelin, “The rate of online fraud is increasing faster than the rate of e-commerce transactions in the United States.” Merchants are going to have to double down on their efforts to be prepared for this increase in activity and take steps to mitigate this type of fraud and protect their bottom line.