The persistence of fraud
John Winstel | Head of Fraud Products
August 03, 2020
If there’s one definitive thing about payments fraud, it’s that it’s constantly changing and requires ongoing diligence to defeat. Fraudsters are always looking for the path of least resistance, and many times businesses aren’t even aware when they’re providing that very path.
But knowledge is power. The more information you have about how fraud is being executed and the solutions that can mitigate its effects, the better you can protect your business and your customers. Arming yourself with technology, best practices and an experienced payments partner is imperative to reducing your risk.
Who’s at risk
As payments have evolved, so has fraud. With EMV chip technology succeeding in reducing card present counterfeit payment fraud, fraudsters are seeking easier targets online. We have also seen an increasing trend toward account takeover fraud. Phishing attacks have risen by 350% in the first quarter of 2020, as criminals attempt to get consumers to give up their financial credentials which can be sold on the dark web.
We’re also seeing an uptick in fraud with P2P payments. Although fast and convenient, these services don’t have the same consumer protections as credit cards. Consumers using services like Zelle and Venmo are advised to send money only to people they know, and ensure the recipient’s address, username or phone number is correct.
Some industries are more at risk than others. Anything that can be monetized quickly is a big target for fraud. This includes things like gift cards and consumer items with a high resale volume like high-end electronics, watches and purses.
Quick-service restaurants and online retailers are also common targets for fraudulent card-testing activity. This happens when thieves make smaller purchases to check the validity of a stolen card before making larger purchases. These small charges often pass undetected by fraud detection solutions and the cardholder.
Online gaming and fuel are two other industries that are more susceptible to fraud. Gaming is especially vulnerable to friendly fraud (see below) because the charges are often listed from the parent company instead of the name of the game. As the last industry to mandate EMV technology, fuel has seen more fraud resulting from pay-at-the-pump terminals that haven’t been upgraded.
Two common types of fraud lead to chargebacks. Friendly fraud happens when a purchase is legitimate, but the customer doesn’t recognize the merchant name or the purchase on their card statement and disputes the charge.
Criminal fraud happens when a customer initiates a chargeback for a refund on a legitimate purchase. This type of fraud is happening more frequently with brick and mortar businesses that are transitioning to online ordering and phone payments and don’t yet have the proper security protections in place.
No business is immune to chargebacks and many view them as a cost of doing business. But not paying attention to chargebacks can result in an increase in both fraud and card processing rates.
The future of fraud
When considering where fraud is heading in the future, we can get some idea by looking at what’s happening in the UK and Europe. These countries have been pushing strong customer authentication practices in e-commerce transactions, most recently with the 3DS2 security protocols.
Currently, only about 3% of e-commerce transactions in the US use 3DS2, while 25-30% of transactions across Europe use it*. In the US, there has been some resistance to adding any type of friction to checkout– and strong authentication practices can complicate things. But as online fraud continues to increase, we’re beginning to see greater interest and adoption for stronger customer authentication solutions.
7 best practices
Fraud is a distinct threat, but not completely outside of a business’s control. In addition to partnering with a payments provider with expertise in fraud prevention, here are 7 best practices you can do to help reduce your risk:
- Employ fraud monitoring and prevention tools, like Worldpay’s FraudSight solution, which uses Machine Learning and AI to stay a step ahead of the fraudsters
- Regularly review orders for unusual activity like large sales increases or out-of-the-ordinary deliveries.
- Use an Address Verification Service to ensure the identity of the cardholder.
- Keep an eye out for billing and shipping addresses that do not match.
- Have concise return policies that are clearly posted on receipts, on your website and at checkout.
- Have a system for actively monitoring, managing and responding to chargebacks.
- Make sure your merchant billing descriptor is clearly recognizable to customers on their card statements.
The only certainty in regard to fraud is that it’s ever-constant and ever-changing. By staying informed, following best practices and partnering with an experienced payments provider, you can help protect your business from the biggest threats happening today and in the future.
*Worldpay Issuer Data