December 22, 2017
The holidays are a major stress test for professionals supporting the retail pipeline. Every year, e-commerce retailers (eTailers) vow to fight the wave of holiday fraud better than the year before without turning away good business. Now they must also prepare to defend themselves against more overall fraud attacks; they can expect fraud attempts to jump by 30% or more – much like they did in 2016. One of the biggest challenges eTailers face is recognizing criminals hiding amongst the higher volume of shopping during peak season. Another key challenge is anticipating a fraudster’s tactics, which become increasingly sophisticated to fool businesses out of goods and services.
So, how should eTailers fight these and other fraud challenges before they are slammed with peak season? There are four key steps:
Have a fraud team member routinely challenge rules and make fine-tuning adjustments based on what he/she learns. Keep a line of communication open with the promotions department, so you’re aware of what deals fraudsters might attempt to take advantage of, like offer codes and other holiday-specific promotions.
Criminals attack their eTailer victims through several different channels including mobile web, call centers, retail stores, and online shopping. Savvy fraud teams employ a range of tools to fight these attacks including identity verification, device fingerprinting, IP proxy detection and geolocation, transaction and custom scoring, and order linking.
One of the strongest indicators of online fraud is the identity information of the consumer (or criminal). In fraudulent transactions, there’s a high likelihood of account credentials, identity information or credit cards having been purchased from the dark web, or the internet’s black market, where this information is freely sold. Rarely do criminals get a full account profile, so they often cobble together authentic credentials into a synthetic identity. Fortunately, with today’s identity verification tools, fraud teams can quickly flag indicators that a user might not be exactly who they say they claim to be.
Sometimes thinking like a criminal means thinking like a robot. Bot activity and automated fraud attacks are relatively new fraud attacks and are becoming more widely used. Malicious bot activity makes up 20% to 50% or more of traffic on e-commerce and media sites. During the holiday season when order volumes are at annual peaks, criminals attempt to blend in with the large number of transactions. There are a few biometric fraud detection solutions that detect bot-like behavior and deter that type of fraud.
The rush of holiday traffic will undoubtedly mean a temporary, larger fraud operation. Acknowledging that your fraud review team cannot scale proportionately with the increase of volume, consider the best combination of software – using advanced techniques in machine learning and artificial intelligence – and staff additions. When identifying the right solution, make sure the machine learning capabilities truly add value all year-long and can keep pace when traffic volumes multiply.
When you do expand your seasonal staff, conduct thorough fraud training – especially if they have a customer service background or mentality. Trained fraud professionals operate with a healthy dose of skepticism and take careful measures not to let a friendly voice fool them into an account takeover or another scheme. This is called social engineering and often, is a most-effective cross-channel fraud technique for criminals – get an online order rejected and call to complain to have that reject decision reversed.
In today’s e-commerce world where there are quite literally millions of choices, losing a loyal customer is tragic. The lost lifetime value of that customer can be huge for a company. This holds especially true during the holidays. One study found that holiday business from repeat customers is greater for both the short term and the long term, and for repeat customers who came back at some point after the holiday season – they spent 160% more than new customers.
Why is the value of the customer so important to fraud? Because your propensity to reject a good customer can result in significant lost revenue. About 10% of rejected transactions are estimated to be false positives. When any of those customers could have become a return customer, it’s worth taking a step back and to make sure you are not too risk-averse. Not all online retailers are tracking false positives, so this holiday season, make it a goal to track false positives and improve your systems to reduce them. Often eTailers have to call customers that were rejected in order to truly determine the level of their false positives. This is extremely valuable information and it’s not uncommon to win back customers that may have been lost forever by reaching out.
In an age where data breaches are far too common – some estimate that the identity of nearly every American adult has been compromised – an online retailer’s confidence in approving or rejecting transactions hinges on the ability to verify identity. One of the simplest and fastest ways to do so involves identity data linkages, which is especially effective at determining a customer’s legitimacy and protecting against account takeover and synthetic identity fraud.
Identity linkages include confirming an applicant’s phone is linked to their name, an address to a name, and an email to a name. Additionally, signals like the date that email was first seen online are huge indicators of risk. Email first seen yesterday? That would be very risky. Retailers who link together identity elements won’t prevent a good customer from getting their holiday goods and will effectively deter fraud attacks.
Be prepared this holiday season: utilize a fully prepared fraud team and customer identity verification strategy. The perfect combination will deliver faster approvals for legitimate customers, reduce fraud and lower false positives this upcoming holiday season so you can concentrate on your bottom line.