Fraud prevention stakes have never been higher for e-commerce and omnichannel sellers. Fraud is on the rise, perpetrated by criminal gangs and fueled by a parade of consumer data breaches.
Fraud is costly to merchants, eroding margins and alienating good customers. And fraud is more complex than ever, with the potential to evade or overwhelm merchants' internal controls.
Merchants whose in-house programs can't keep up will risk major losses, but outsourcing can feel risky, too. To make informed decisions about fraud prevention, merchants must understand the current fraud landscape, customer expectations, and the risks and rewards associated with internal and external fraud prevention approaches.
Online shopping fraud has been on the rise for several years, and in 2017 alone it rose by 30%. Shipping fraud, in which scammers arrange for stolen goods to arrive at their address for quick reshipping, was up by 37%, per Experian's 2017 E-Commerce Fraud Report. Billing fraud, in which unwitting consumers' stolen data is used to buy merchandise for resale, was up 34%.
This rising tide of fraud is expensive. At first glance, the 0.9% of revenue that the average North American merchant loses to chargebacks and fraud may seem minor, but typical retail margins range from four to 8%. That means the nearly 1% average fraud loss is really a 10 to 20% loss of profit.
Channels matter a great deal to merchants and fraud analysts, because each channel comes with its own security challenges, and because customers are engaging in more channels as part of their shopping journeys. It's important to remember, though, that customers don’t care about the concept of channels. They care about how convenient their shopping experiences are, and retailers must respond accordingly.
In some cases, that means reducing checkout friction by reducing the amount of data customers provide. The best example is Amazon's 1-Click checkout. The customers' credit card, billing and shipping data are already loaded in their account, so they don’t need to enter it each time. This reduces cart abandonment, especially on mobile phones. It also means that anyone who hacks into the customer's account or mobile device can easily commit fraud.
In other cases, retailers must accommodate the travel, purchasing, and shipping habits of well-heeled customers, even though some of their typical behaviors—like ordering from different countries, making high-ticket-value purchases, and shipping to different addresses—can all indicate potential fraud.
Preventing fraud while keeping good customers happy is a key to retailers' success. Javelin Strategy & Research found that 32% of customers whose card is declined by an online store will never shop with that merchant again. Merchants understand false declines as misapplied fraud controls. But declined customers may assume it was due to a credit issue or a value judgment by the merchant, and they may be embarrassed or offended.
Merchants who want to keep their customers and maximize their lifetime value must have a way to connect with people whose orders are flagged in a respectful, timely way and in the language they speak. For retailers who sell internationally, that can mean multilingual 24/7 customer service so shoppers don't have to wait for an order decision.
As scammers iterate their methods, we see sophisticated new fraud trends emerging constantly, such as impersonating merchants to get shippers to redirect packages away from the intended recipients and into their hands for resale. Fraudsters have been known to work in teams to set up multiple IP addresses, place and receive orders, and field order-verification phone calls from customer service to try to steal items worth thousands of dollars.
To beat back this wave of intricate scams, merchant fraud prevention programs must go beyond the basics of validating device ID, billing and shipping addresses, location, and email types.
An effective program must now include always-updating fraud scores and cutoff thresholds; a split manual-review queue, with orders routed to specific analysts based on store profile and analyst capabilities; two-way reporting for accurate internal files; scalability for sales peaks; customization by channel, store, and industry; proactive people management and quality checks on fraud analysts; 24/7 IT support; and consistent chargeback challenge code logging.
All of these elements matter because fraud methods are always changing, and customer expectations are always high.