In the face of growing e-commerce fraud, many merchants not prepared for holidays

By Steve Brachmann
November 22, 2015

keyboard-credit-card-335In the world of Internet retail, e-commerce fraud takes a couple of different forms. Although we’ve been covering business concerns related to magnetic stripe security vulnerabilities related to card present transactions, online retail has its own particular concerns. Much like the case with the update to EMV chip cards and the resulting shift in liability away from banks that are taking more and more hits from cyber attacks, retailers are often on their own when trying to figure out how to respond to and prevent e-commerce fraud in online, card-not-present transactions.

Unlike security breaches relying on magnetic stripe card reader vulnerabilities, which are undertaken by tech savvy criminals, online e-commerce fraud can be undertaken by anyone who has access to stolen financial information and is willing to lie. Information released by fraud software developer Sift Science has found that most fraudulent purchases are made by those claiming to be 85 and older and shipping to Alaska, selected most often because it comes up first in every state shipping menu. Once merchandise is shipped to a fake address it is usually sent to the fraudster through a reshipping service, leaving the merchant with little information about the fraudster’s true whereabouts.

Merchants already spend a lot of time parsing through online transaction orders in order to root out any fraudulent ones. Reports indicate that just over one-quarter of online orders are flagged by merchants as suspicious with each order taking an average of six minutes to properly review. The National Retail Federation expects online retail sales to increase during the 2015 holiday season by 3.7 percent over 2014’s numbers, up to $630.5 billion this year. If one-quarter of those sales are potentially fraudulent, then prevention of fraud on e-commerce platforms is going to become much more important and time-consuming for Internet merchants in the coming days. Increases in online retail activity will likely make e-commerce fraud a much more expensive proposition than it was in 2009, a year which saw online fraud losses of $3.3 billion.

As card-present transactions become less susceptible to fraud because of the shift to EMV chip card technologies, it’s expected that more fraud will shift to online platforms where it’s still relatively easy to input fraudulent financial information without being noticed; some reports indicate that online retail fraud in the U.S. alone is expected to rise by 106 percent in three years after October’s EMV liability shift from banks to business owners. One way that businesses conducting sales online can get themselves ready to respond quickly to fraud is through effective planning prior to major sales events like Black Friday or, perhaps more important when thinking about e-commerce, Cyber Monday. If those workers handling fulfillment of online orders are more aware of expected sales projections, it will help them be more aware of clues that the business might be a target for fraud if actual sales figures differ wildly.

Applying a third-party application programming interface (API) can give online merchants a helping hand in preventing fraudulent purchases. One such program is marketed by data science firm Feedzai, based in San Mateo, CA. Machine learning algorithms developed by this country scan a merchant’s transaction data and indicates the possibility of a fraudulent purchase by scoring each one. In early November, the firm unleashed its Data Science Studio software solutions for analyzing large data stores to build, deploy and manage predictive analytics models. This software solution can be installed on-site or it is accessible over the cloud.

More innovations in software-based fraud prevention solutions come from Accertify, which was acquired in 2010 by American Express (NYSE:AXP). The company supports a data management platform known as Interceptas which processes disparate enterprise data to create a customized micro-decisioning engine that can accurately screen for online fraud in real time. Features of the Accertify fraud prevention system enable merchants to build profiles from transaction data that give a much more in-depth look at a customer’s purchasing behaviors.

Although chargebacks for restituting a customer’s funds after fraudulent account activity is typically handled by banking institutions, they can also be a financial burden on businesses when they’re liable for returning funds to a customer whose financial data was unauthorized for use in the transaction. Technologies to protect merchants against this burden come from Chargeback Gurus, headquartered in Allen, TX. This company has reportedly been able to recover millions of dollars that would have been lost by businesses as chargeback fees over the past 11 years. Software developed by Chargeback Gurus can identify fraudulent transactions before products are shipped by e-commerce entities, preventing a chargeback from ever occurring in the first place. The company boasts that its solutions offer “360-degree bulletproof” protection from chargebacks as well as an 83 percent success rate over the previous ten years.

Some e-commerce platforms are increasing their protection measures against fraud, giving some support to similar measures being undertaken by retailers. International online marketplace provider OLX, based in Buenos Aires, Argentina, has said that it will increase fraud prevention activities in some of its markets by partnering with agencies processing customer financial information as well as stepping up verification of product information. Unfortunately, OLX doesn’t operate in the American market, but it’s clear that e-commerce fraud prevention solutions are becoming highly prized all over the world.

Companies in America and beyond can, however, benefit from fraud prevention technology developed by Guardian Analytics of Mountain View, CA. This firm’s technological solutions include dynamic account modeling techniques which can check all e-commerce activity against normal behaviors for online consumers, quickly identifying anomalies that could indicate fraudulent activities. Software solutions like FraudMAP and management solutions like FraudDESK, both developed by Guardian Analytics, are designed to help businesses stay on top of potential fraud while reducing the burden of analyzing online transactions placed upon business employees.

Tech R&D giant IBM (NYSE:IBM) of Armonk, NY, also offers solutions for e-commerce fraud prevention through the Trusteer platform which it has acquired in recent years. Trusteer Rapport, which can be applied by merchants and banking institutions alike, provides multiple layers of protection against malware and phishing attacks as well as the protection of web browser sessions to reduce the chance of tampering with transactions.

Still, with all of these e-commerce fraud prevention technologies available, some are reporting that most Internet retailers are not prepared for the influx of fraudulent activities likely to sprout up this holiday season. A LexisNexis study on online fraud found that large e-commerce companies saw an uptick in fraud as a percentage of total revenues between 2013 and 2015, up from .80 percent to 1.39 percent. The same study found that merchants without a physical presence, solely operating as e-commerce entities, were most likely to be hit by chargebacks. And yet, as of late October, it had been reported that about 38 percent of Internet retailers had not yet begun planning for the holiday season. With digital sales expected to be a much bigger source of revenues for all retailers, business owners risk damaging their interests without strongly addressing their vulnerabilities where e-commerce fraud is concerned.

The Author

Steve Brachmann

Steve Brachmann is a freelance journalist located in Buffalo, New York. He has worked professionally as a freelancer for more than a decade. He writes about technology and innovation. His work has been published by The Buffalo News, The Hamburg Sun, USAToday.com, Chron.com, Motley Fool and OpenLettersMonthly.com. Steve also provides website copy and documents for various business clients and is available for research projects and freelance work.

Warning & Disclaimer: The pages, articles and comments on IPWatchdog.com do not constitute legal advice, nor do they create any attorney-client relationship. The articles published express the personal opinion and views of the author as of the time of publication and should not be attributed to the author’s employer, clients or the sponsors of IPWatchdog.com. Read more.

Discuss this

There are currently No Comments comments.