The holidays are a time of family, friends and feasting, but for fraudsters and hackers, “the most wonderful time of the year” is open season on your bank accounts and bottom lines.
As more and more merchants have adopted EMV for POS, fraudsters have turned to online (card-not-present) attacks. In 2016, ecommerce fraud grew by 31% during the holidays, costing merchants 7.5% of their annual revenue. Chargeback volume alone consumed as much as 23% of some companies’ operational budgets.
With more than half of all fraud occurring between September and December, and chargeback rates increasing by up to 50% during peak shopping periods, there’s no doubt that fraudsters love the holidays.
Early this fall, online thieves were already pinging websites, making small purchases on stolen credit cards and identifying which cards would work for larger purchases on Black Friday and Cyber Monday.
With holiday sales expected to increase 15.8% this year — averaging $1 billion in sales per day — many retailers will struggle with maintaining bandwidth, monitoring fraud, securing mobile shopping platforms and managing holiday chargebacks.
The Hidden Cost of Chargebacks
While not the most well-known form of fraud, holiday chargebacks are the bane of many retailers. A chargeback is meant to protect cardholders by providing them with a way to secure refunds for fraudulent charges. However, fraudsters take advantage of chargebacks by using them to receive refunds for products they don’t return.
By the time chargebacks are fully accounted for 60 to 90 days after the holidays, it is often too late to stop the fraud. The delayed reporting of chargebacks also means that merchants get a distorted picture of their holiday performance. With losses not showing up until early 2018, a promising holiday sales season may not look so good by the end of Q1.
Preventing Online Fraud
To prevent chargebacks and online fraud from damaging your bottom line, use a friction-free fraud detection system that can reduce manual fraud reviews and detect suspicious transactions in a matter of milliseconds. These days, AI and machine learning can sift through hundreds of data points — minimizing manual reviews and making sure legitimate transactions are processed seamlessly.
Persona technology can also scan online purchasing behavior in real time, assessing the number of credit cards and email addresses linked to a certain persona, and pinpointing any discrepancies in customer-divulged information.
To reduce chargebacks or the possibility of having your website — and revenue source — shut down by hackers, identify your customers, flag suspicious activity and use two-factor identification to confirm that customers are who they say they are.
Two out of three chargebacks are due to fraud, while the remaining third are from customers dissatisfied with their purchases. For this segment of the population, a simple and prompt return policy can save your company expensive chargeback fees down the road.
Another way to prevent chargeback fees is by adjusting your fraud parameters to find the perfect balance between fraud and conversion — letting the right customers in and keeping the wrong ones out. Requiring three-digit Card Verification Values (CVV codes) and Address Verification Services (AVS) for every purchase can also keep thieves from placing fraudulent orders.
Beating the Holiday Rush
As the holiday season picks up, it can become difficult for small businesses to track and monitor every instance of fraud. As a result, holiday orders face less stringent vetting — bad news when you consider that cyber-attacks increased by 134% on Cyber Monday.
At peak volume, holiday orders can become harder to vet because sales tend to be abnormal. And while some unusual activity can be reviewed manually, such appraisals can slow down transaction volume. This waiting period can be dangerous when you consider that two thirds of online shoppers may not return after an incorrect fraud assessment.
As your small business gears up for the season, it’s important to review your credit card verification processes and fix any issues in advance of the busy holiday rush.
Simple Ways to Prevent Online Fraud
- Review your email database for hacked addresses
- Use CAPTCHA to deter bots from testing credit cards
- Use AVS to ensure cardholder billing addresses match orders
- Require CVV codes on all credit and debit card purchases
- Flag multiple order attempts from the same IP address
- Ensure order addresses and IP addresses are from the same country
Regardless of what the holidays bring, Bluefin will be with you every step of the way — offering seamless PCI-validated Point-to-Point Encryption (P2PE) technology for POS transactions and payment iFrame and tokenization for ecommerce payments. To keep your company safe and secure, contact Bluefin today and learn more about our security solutions.