New fraud, new prevention methods

Fraud prevention

Fraud: A constant threat, continually evolving

Any online retailer will tell you that e-commerce fraud is no joke. Between 2018 and 2023, merchants are expected to lose a whopping $130 billion to payment fraud.1 Fighting fraudsters can feel like a never-ending battle. Even if e-commerce risk management systems have become more sophisticated, fraud scammers have evolved to outsmart them.

To find the best way to combat fraud, retailers need to know what they’re up against. According to a Wirecard report, 25% of the online fraud merchants endure is “clean fraud”, followed by “friendly fraud” at 18%.2 These tactics are tricky to catch for multiple reasons.

Clean fraud happens when hackers get ahold of credit card information and use the stolen payment methods to buy something online. Since the payment information is legitimate, clean fraud is often detected too late—once the cardholder realizes that a transaction has been booked that they didn’t authorize. Since clean fraud has the double effect of lost revenue, stolen products, and even fines for not safeguarding data, it can have a crushing impact on retailers. In 2019, British Airways was fined a record $238 million after a half million customers’ credit card data was stolen.

While clean fraud deals in stolen payment data, friendly fraudsters use their own payment information to pull a fast one on retailers. It starts off legitimate: A customer orders goods or services online with their own payment information. After the merchant accepts the transaction and sends the order, the customer pretends they never received their purchase and asks for a chargeback. Their goal is to keep the goods without having to pay for them. This tactic is getting more and more popular, with a scary 41% increase every two years. In fact, experts say that 86% of all chargebacks are probable cases of friendly fraud.3

Fraud prevention: How to fight back

So now that we know what retailers are up against, it’s time to set up a good fraud prevention system. There are several out there, each with pros and cons. According to the Wirecard report, the most common tactic against clean fraud is asking customers to provide their card verification value or code (CVV or CVC).2This helps prevent card-not-present fraud, because the customer needs to provide a number that can only be found on the back of their physical card. The downside, of course, is that this only works against stolen credit card data, not digital payment methods like PayPal or Klarna.

A common tool against friendly fraud is fraud scoring. Retailers can set rules that score each potential sale to determine the probability that the transaction is fraudulent. This gives them a better shot at catching fraudsters in the act, but also brings up another problem: the risk that they end up rejecting a legitimate customer. 69% of merchants worry about incorrectly declined sales, as they cause lost revenue and the risk of losing legitimate customers.2

Machine learning is the future

The battle against fraud might seem like a never-ending struggle, but there’s good news: The integration of machine learning into risk management systems can make a big difference. Machine learning relies on data—lots of it—to identify patterns in payment transactions. Anomalies in the data, such as an account with a history of chargebacks (friendly fraud) or a customer making several expensive purchases within a few days (clean fraud) set off the alarm.

The more data the system is fed, the better the risk assessment becomes, reducing the amount of both fraud attempts and false declines. One study found that fraud prevention systems using machine learning increase detection accuracy by an impressive 90%.4 Future systems will increasingly depend on machine learning, so fraudsters should be shaking in their boots.