eCommerce fraud greatly impacts both consumers and online merchants. Consumers are affected when their credit card data and personal information are stolen and used illegally. Merchants are affected because merchandise is stolen.
What Is eCommerce Fraud?
eCommerce fraud is any type of fraudulent transaction that deprives consumers or merchants of goods, services, money, or personal information. It involves much more than someone illegally using a consumer’s card information to pay for goods or services.
eCommerce fraud can also be committed when consumers lie about not receiving merchandise, requesting a refund, or claiming false damages to get a discount or additional item for free. Furthermore, eCommerce fraud can include other payment methods, such as debit cards and e-check payments.
Why Does eCommerce Fraud Take Place?
eCommerce fraud takes place mostly because transactions are completed online and not in person. The merchant has to assume the consumer is providing valid credit card information when completing a transaction.
Since the card is not present, it is more difficult to verify the card is being used by an authorized person. Additionally, the card data is manually inputted by the consumer, so the merchant does not get the benefit of EMV chip transactions like brick and mortar stores do.
Unfortunately, some people will lie about their online orders to defraud merchants. Again, the merchant has to take the word of the customer that they did not receive an order when they make such a claim.
Six Types of eCommerce Fraud
When most people think about eCommerce fraud, they think about credit card fraud. Typically, someone obtains someone’s credit card data and then uses it to make purchases from online retailers. The thief will often have goods shipped to a bogus address to further make it difficult to find them and the stolen merchandise.
Aside from credit card fraud, six other types of eCommerce fraud include:
#1: Friendly Fraud Chargebacks
Chargebacks occur when the consumer disputes the validity of a transaction. Chargebacks can be valid, as when the consumer has had their card data stolen. Friendly fraud chargebacks are when the consumer claims they never made the purchase or received the merchandise when, in fact, they did just to get a refund.
#2: Phishing Data Theft
This type of fraud occurs when someone unintentionally provides their personal information or card data to what they believe is a trusted source. Unfortunately, it is not, and the phisher then uses the information for fraudulent purposes.
#3: Merchant Data Theft
Merchant data theft is where a hacker breaches a merchant’s database to gain access to customer-stored data, including personal information and stored payment information.
#4: Merchant Identify Theft
This type of identity theft is becoming more common. It is where a consumer clicks on a link in what looks like a valid email or text message from a trusted merchant. Instead, they are redirected to a fake eCommerce website that looks like the merchant’s website.
If the consumer makes a purchase, the fake merchant now has the consumer’s payment information they can use for other fraudulent transactions.
#5: Triangulation Merchant Fraud
This is a variation of merchant identity theft. The first part is the same. However, the thieves then visit the merchant’s website, making purchases of whatever goods the consumers ordered from the fake website and have them shipped to the consumers.
The last part of this intricate process involves the thieves now using the stolen information to make other online purchases for goods they have shipped to themselves. Since the consumer receives the items they ordered from the fake merchant website, it can take them longer to realize their credit card information was stolen.
#6: Card Testing
Batches of stolen card numbers are tested, attempting to make small purchases that are typically under $20 or less. Once the thief identifies approved transactions, they use the valid cards to make much larger purchases, often maxing out the card or draining the funds of a checking account associated with a debit card.
How to Detect Fraud in Online Transactions
There are different ways merchants can detect credit card fraud when they know what to look for, such as:
- Larger orders than the consumer normally makes.
- Inconsistent ordering data where the IP address, address, or zip code do not match that of the consumer.
- Purchasing items from an unusual location like from outside the United States.
- Having purchases sent to multiple shipping addresses different from their billing address.
- Multiple transactions over a short period in varying dollar amounts or for multiple items of the same product.
- An increase in declined transactions from inaccurate card data until an approval is received.
- An increase in the number of orders from a new area you have never received orders from before.
Tips for Preventing Fraud at Your eCommerce Store
Aside from learning how to detect fraud in online transactions, there are also several tips to prevent credit card fraud you can use to help reduce fraud from occurring at your eCommerce store.
- Use fraud detection tools that help identify potentially fraudulent transactions. These tools can suspend the sale and require the consumer to call customer service so the transaction can be verified by an actual person.
- Review what tools your merchant account providers offer to help combat online fraud. Some merchant account providers offer PCI compliance, AVS, and CVV tools as part of your merchant account services plan.
- Use geolocation and IP address location tools. These tools can verify the physical location of the consumer to ensure they are within a specific geographic location that fits their shopping habits.
- Require CVV verification for purchases. The CVV number is a three- or four-digit number on the back of the card that can provide added security for online transactions.
- Enable AVS for online transactions. AVS (Address Verification Service) is part of the services included with most merchant accounts. It helps verify the address of the card owner.
- Ensure your website is secure and transactions are encrypted. Your website should use HTTPS protocols for secure pages. You also need a secure payment gateway for processing online transactions.
- Enable two-factor authentication for CNP transactions. Two-factor authentication can email or text the customer an authentication code they need to enter before they can complete their transaction.
- Provide customers with payment cards. Payment cards are special cards that merchants can issue to their customers which are tied to a credit card or debit card. For merchants, payment cards provide fraud protection since the customers’ actual credit card is not used when making purchases online but, rather, their payment card.
By using these tips, and others, increasing merchant fraud detection to protect your eCommerce store is possible. For further information about PCI compliance, AVS, CVV, and other merchant fraud detection tools available with our merchant account services, please feel free to contact Adept Payments at 888-732-3838 today!