By Ido Lustig, VP of Product, Risk and Identity at Checkout.com
Online commerce has grown to become a critical component of the retail industry: in August 2022, the value of internet sales as a percentage of total UK retail sales was 24.2%. As a result, retailers’ strategies are increasingly focused on the growing number of digital native shoppers. And with the ‘golden quarter’ of festive retail activity upon us, that emphasis will be even more important in the coming weeks.
However, as consumers prepare for Cyber Monday and Black Friday, albeit in a macro context, which means we are likely to see some changes in spending patterns, scammers are also on the prowl. Yes, fraud is growing in volume, but perhaps more important is its increasing complexity. Fraudsters are deploying increasingly innovative attacks, using tactics that circumvent measures generally considered sufficient, such as Strong Customer Authentication (SCA).
The evolution of this scam is developing at a faster rate than many companies are adapting their countermeasures. Many existing online payment fraud solutions are too rigid and not sufficiently designed to counter specific merchant requirements. In addition to the fraud incidents themselves, this leads to detection inaccuracies, blocking of legitimate payments, and unnecessary friction for consumers seeking a seamless payment experience.
Understanding the changing fraud landscape
Far from being a marginal threat, e-commerce payment fraud is a significant problem for retailers, one that if left unchecked could cost merchants more than $48 billion globally in 2023 Y $206 billion by 2025.
One of the main vectors is stolen financial fraud that occurs when scammers use stolen or hacked credit card information that was used to make legitimate purchases, then file a chargeback with their issuing bank to obtain “stolen refunds.” A United Nations Report 2021 found that up to 86% of chargebacks could be fraudulent. This type of fraud disproportionately affects merchants, as banks tend to side with the customer, costing the merchant more than the price of the lost trade, since the bank also charges the merchant for chargeback fees. Fighting stolen financial fraud requires retailers to balance the need to protect shoppers by avoiding unnecessary verification steps or blocking legitimate claims.
On online marketplaces like Etsy or eBay, sellers are threatened with targeted attacks from fake accounts and fake buyer/seller loops. They are deploying increasingly sophisticated methods to bypass authentication measures like OTP (One Time Password), including intercepting bots that intercept and steal additional authentication factors. This is a particular problem given the importance of marketplaces in the retail landscape: up to 70% of e-commerce It is expected to take place in the markets by 2025.
New emerging industries that are pioneering the use of alternative payment methods also present new opportunities for fraudsters and pose another threat to consumers and retailers. For example, given the delayed nature of buy now pay later (BNPL) payments, fraudulent payments may be made in advance before they are identified and retrospective action is taken.
Implementation of the right technology
For consumers, this year’s retail season appears to be dominated by breakneck inflation, leading many to be more discerning about where they shop. And for retailers, that means they can’t afford to compromise on customer experience or security. Checkout.com Investigation has found that 34% of people have been permanently discouraged from a shopping site because of a declined payment. So how can retailers prepare?
One answer is to take a risk-based segmentation approach. In practice, that means separating high-risk from low-risk payment profiles and applying different rules for each. For example, a returning customer using a familiar IP and payment method can generally be treated with a different anti-fraud strategy than a new customer with an unknown or suspicious IP address. The same logic can be applied to geographies, payment methods, or even by product code if certain lines are more targeted than others. The overall effect of this approach will be to block more fraudulent activity, but less friction for transactions that are likely to be legitimate.
In addition to this, retailers must take a personalized approach to combat fraud. Applying a rigid fix will still leave holes in any fraud prevention strategy for fraudsters to exploit. Every business has a unique risk profile, and as such, by employing a tailored approach to fraud prevention, you combat emerging threats more effectively. Hoping that increased sales volumes will outweigh losses from fraudulent attacks is not a strategy. Businesses must prioritize the fight against fraud and not accept that legitimate customers and transactions are blocked as a fair guarantee.
Another approach is the use of advanced machine learning (ML), which can be trained on existing data points from actual fraud incidents, across multiple geographies and industries. This leaves you ready to spot potentially fraudulent patterns in real time, alerting businesses so they can block attacks as they happen, rather than reacting retrospectively. ML also benefits from a networked “immune response”: once a company has been the target of a fraud attempt, data points from that attack can be shared so that other companies’ defenses can also detect the signs of fraud. warning more easily in the future.
The festive retail season will be pivotal for a retail sector facing an uncertain future in the near term. As scams evolve at a faster rate than ever before, fighting fraud right is a critical issue for businesses.
And while this type of investment comes at a cost, companies should not view strengthening anti-fraud solutions as a sunk cost or a short-term strategy just for the retail season. Instead, fraud prevention is a business enabler that will distinguish the winners of the retail season through additional brand equity, consumer confidence, revenue and growth.