As more and more merchants have adopted EMV for point-of-sale transactions, fraudsters have turned to online (card-not-present) attacks. In 2017, Ecommerce fraud grew by 20%, costing retailers $58 billion worldwide. Chargeback volume alone consumed as much as $40 billion.
With more than half of all fraud occurring between September and December, and chargeback rates increasing by up to 50% during peak shopping periods, there’s no doubt that fraudsters love the holidays.
Early this fall, online thieves were already pinging websites, making small purchases on stolen credit cards and identifying which cards would work for larger purchases on Black Friday and Cyber Monday.
With Ecommerce holiday sales expected to increase 13.2% this year, many retailers will struggle with maintaining bandwidth, monitoring fraud, securing mobile shopping platforms and managing holiday chargebacks.
Preventing Online Fraud
To prevent online fraud from damaging your bottom line, use a friction-free fraud detection system that can reduce manual fraud reviews and detect suspicious transactions in a matter of milliseconds. As your business gears up for the season, it’s important to immediately review your credit card verification processes and fix any issues in advance of the busy holiday rush.
- Use reCAPTCHA to deter bots from testing credit cards
- Use AVS to ensure cardholder billing addresses match orders
- Require CVV codes on all credit and debit card purchases
- Flag multiple order attempts from the same IP address
- Ensure order addresses and IP addresses are from the same country
- Review your email database for hacked addresses
Learn more about Bluefin’s PayConex gateway security tools.
There are also additional measures that you and your employees can take to help spot online fraud. Be on the lookout for purchases where:
- The shipping address does not match billing address
- The purchaser attempts to circumvent your usual payment process (e.g. sending credit card information via email rather than entering it on your website)
- The order is for an unusually large amount of items
- The purchaser wants items rushed or shipped next day shipping (this is not necessarily suspicious on its own but should be noted if there are other red flags)
- The order is from another country – particularly if you sell items that could be easily obtained in any country
- The customer tries different expiration dates after initial decline
- The customer purchases large amount of the same item
- Multiple orders come in with same shipping address but different cards
The Hidden Cost of Chargebacks
While not the most well-known form of fraud, holiday chargebacks are the bane of many retailers. A chargeback is meant to protect cardholders by providing them with a way to secure refunds for fraudulent charges. However, fraudsters take advantage of chargebacks by using them to receive refunds for products they don’t return.
By the time chargebacks are fully accounted for 60 to 90 days after the holidays, it is often too late to stop the fraud. The delayed reporting of chargebacks also means that merchants get a distorted picture of their holiday performance. With losses not showing up until early 2019, a promising holiday sales season may not look so good by the end of Q1.
Beating the Holiday Rush
As the holiday season picks up, it can become difficult for businesses to track and monitor every instance of fraud. As a result, holiday orders can face less stringent vetting and at peak volume, holiday orders can become harder to vet because sales tend to be abnormal. And while some unusual activity can be reviewed manually, such appraisals can slow down transaction volume. This waiting period can be dangerous when you consider that two thirds of online shoppers may not return after an incorrect fraud assessment.
To reduce chargebacks or the possibility of having your website — and revenue source — shut down by hackers, identify your customers, flag suspicious activity and use two-factor identification to confirm that customers are who they say they are.
Regardless of what the holidays bring, Bluefin will be with you every step of the way — offering seamless PCI-validated Point-to-Point Encryption (P2PE) technology for POS transactions and ShieldConex® for Ecommerce payments. To keep your company safe and secure, contact Bluefin today and learn more about our security solutions.
