If you take a look at your business’ e-commerce revenue reports, you might see positive results from your hard work, you might even see it constantly increasing day to day, and that’s great. What you may not have seen is that it also entails the increment of fraud cases and fraud in online transactions. And that my friend is a real problem. So let’s have a look at what types of fraud exist and how can you protect your business against them.
Do not let the numbers impress you, e-commerce fraud has been cohabiting with us since 1993 and has increased every year since then, more specifically 19% since 2003. The Nilsen Report used the example below to illustrate the point about fraud: Internet payment fraud is constantly increasing, and is, apparently, unstoppable.
Read more: Why PSD2 is important for your business
2016 reports have shown that out of every 100 USD in turnover, fraudsters currently snatch 5.65 cents. Little will you say? Well, if we look at the numbers on a large scale, that would be $22.80B of fraud losses in a single year. That’s crazy, right?
But fraud is not something exclusive to credit cards payments. In fact, hackers are becoming more astute and sophisticated in their use of malware to login into accounts and stealing private data. They now have the right tools to command online banking logins using their mobiles, computers, and tablets and get all the bank account details to make fraudulent payments with it.
hackers are becoming more astute and sophisticated in their use of malware
So, in order to prevent this type of actions from happening in your business, it’s important that we see the different types of fraud with which you might run into.
Identity theft, Phishing & Pharming
According to several studies, the most common types of online fraud causing merchants serious concerns are: 71% identity theft, 66% phishing, 63% account theft. Within these, credit cards are the most common target, as fraudsters don’t need much to carry out a ‘card not present’ transaction’.
Usually, hackers’ goal with identity theft is to carry out transactions using a different identity, meaning they simply take over an existing one instead of coming up with a new identity. It’s easier for them to do so and usually faster. They basically appropriate someone’s personal data information, such as names, emails, addresses and credit card account information. This way they are able to make purchases online under a false name and pay using someone’s else’s credit card.
Something similar happens with phishing and pharming, only in the first case, they use fraudulent websites, text messages and emails to steal personal data, while pharming manipulates browsers without customers even suspecting and redirect them to fraudulent websites to steal their password to take over an existing account with online shopping in which they have their payment data already stored.
Of course, in this paragraph, we would also need to include identity theft using malware on computers to spy on users, the interception of credit cards data sent by email, the copy of credit cards in cash machines, restaurants, hotels, and the ‘man-in-the-middle attacks’. This last one involves a more sophisticated technique, in which hackers sneak on communications between customers and merchants in order to stray login information.
This may not sound too threatening, but ‘friendly fraud’ is just another way for merchants to name chargebacks. This case is usually seen when customers order goods or services online and pay for them using a ‘pull’ payment method with their credit or debit card then initiate a chargeback claiming that their credit card was stolen. That’s when their payment is fully reimbursed but they get to keep the goods they bought online.
This method is frequently combined with re-shipping, meaning scammers receive package deliveries at their address, then repack and ship the deliveries to customers in exchange for both reimbursements for the shipping costs and payment as the fee. A study in 2015, suggested that some 1.6 million credit and debit cards are used to commit at least $1.8 billion in reshipping fraud each year.
Within this type of fraud, there are two variants. Although both have the same objective, one gleans more money from affiliate program by manipulating traffic while the other from signup statistic. This is possible by simply using a fully automated process or getting real people to log into merchants’ sites using fake accounts.
The next one is quite simple but extensively used in wholesale. Goods and services offered on a website are sold at a very cheap price but never shipped to customers. This is usually where no-chargeback payment methods come into their own.
According to merchants surveyed, the major challenge in fraud prevention is a lack of system integration that is able to provide a view of all their transactions across all markets. On average 51% of merchants have great difficulty in maintaining an overview of the various fraud prevention tools in different countries, either due to language barriers or the struggle of keeping international records on individual customers.
Despite only having seen some examples of fraud methods hackers use nowadays, one thing is clear: you do not want to be one of those successful entrepreneurs who are excited to see their company move forward and suddenly realize they have a huge security problem screaming: “Heeeere’s Johnny!” just like Jack Nicholson in The Shining.
If you’re ready to integrate a security and fraud management system to your business, make sure to choose the right solution for your company. At TravelgateX we have an exclusive security and integration team to help you find one or to give you the right information before choosing one.