In today’s competitive eCommerce environment, retailers constantly look at ways that they can attract and keep more customers by adding new products and services and providing a better customer experience. Fraudsters however continually seek to take advantage, leaving retailers with the challenge of how to grow their businesses and expand their product and service offerings while keeping fraud at bay. It’s a constant balancing act.
Retailers need to detect and stop risky transactions while maintaining a frictionless experience for genuine customers. Many are finding this an almost impossible task.
Historically, retailers have focused on tackling credit card fraud at the point of transaction, which has caused fraudsters to explore other areas of the customer journey, including account logins, new account signups and coupon abuse, to name a few.
Not only do these expanding levels of fraud have a detrimental financial impact on merchants and retailers, they also skew relationships with customers. To meet consumer expectations for better customer experiences merchants have grown their business offerings into areas such as enhanced loyalty programmes, expedited shipping, and easy returns policies. But true to form, fraudsters simply find new ways to exploit these more streamlined offerings, resulting in more fraud vectors and vulnerabilities to enterprise platforms.
Fraud is increasing
The latest Forter Fraud Attack Index, comparing Q2 2018 to Q2 2019, reported that the overall dollar amount in fraud increased by 12%, underscoring an increase in quality of attacks rather than volume.
One area of interest for criminals is shipping fraud. Today retailers are competing with the likes of Amazon who offer same-day shipping and delivery.
This puts pressure on retailers to offer faster and faster shipping times and fraudsters are capitalising on this. Shipping fraud is classified as an individual using a stolen credit card to make a purchase, and the merchant then allowing that individual to change the shipping address. After that point, different forms of shipping fraud can take place.
Another fraud vector that is popular with criminals is “buy online, pickup in store” (BOPIS). In BOPIS fraud criminals request a shipment to be held at the merchant’s facility and then leverage fake IDs, mules, or manipulate the sales assistants in order to receive the package at the new location.
Fraudsters favour yet another tactic called address manipulation. Here fraudsters purposely mislead automated checks, like the Address Verification System (AVS), by changing only a part of the address to mismatch reality or to be insignificant enough to go unnoticed, creating a conflict between systems. Through minor changes and circumvention of these validation processes, fraudsters can reroute items from their intended locations to drop spots that best suit the fraudsters. Fraudsters then resell the stolen items for a profit.
Market sectors targeted by fraudsters
Fraudsters develop intelligence and expertise in specific market sectors to increase their levels of success. For example, the apparel industry has recently become an area of focus for fraud, particularly in the Americas.
Our latest Fraud Attack Index showed that attack rates against the apparel industry rose by 60% in the Americas, and a more moderate increase of 13% in EMEA in the past year.
Fraudsters study the industry’s nuanced vulnerabilities and then leverage that knowledge to attack businesses. For example, online fraudsters favour apparel and accessories because they know the merchandise is continually in high demand and the products are easy to resell.
Steps to combat fraud
With fraud increasing and the need to maintain a frictionless experience for consumers, retailers need to re-evaluate their current fraud protection strategies.
Unfortunately, legacy-based and rules-based systems are not dynamic enough to keep up with evolving fraud tactics that are growing in sophistication.
Retailers, or anyone selling any goods or services online, need to look at solutions that combine technology with deep expertise in fraud and an understanding of merchants’ needs and sector-specific nuances.
The ability to provide full automation and real-time decisioning is key, particularly from a scalability perspective during peak season points such as Black Friday and Cyber Monday. Enterprises need to have one unified solution to protect the entirety of the customer journey and address the spectrum of online fraud tactics.
Here, for example, the network effect of our global merchant set-up is advantageous for retailers. We have an incredibly extensive network that gives us visibility and intelligence into fraud as it is happening so that we can alert those in our network to threats and vice versa.
This is important because the network effect means that our system is more likely to have seen a given consumer since all merchants in our network contribute data to the system.
The greater amount of data ensures that the system learns faster. Our platform also enables us to evaluate all transactions, not just the risky transactions. The ability to review all transactions is important in order to learn what legitimate customer behaviour looks like, not just fraudulent behaviour.
And, protecting 100% of the customer journey means protecting fraud at points beyond the transaction itself – that’s how we can detect and stop non-transactional fraud such as BOPIS.
Reducing decline rates
Working with multiple vendors to solve a specific pain point in a siloed manner simply won’t scale with business growth and will ultimately result in inaccurate decisioning.
Protecting your business with automated, real-time fraud detection that blocks fraudsters without adding friction to the customer experience will help in delivering great customer service, without the criminals taking advantage of the situation. Retailers need to identify legitimate customers quickly and easily so that approval rates increase, while identifying and blocking the fraudsters. It is a fine balance but, if you get it right, you will be able to grow your business based on the knowledge that you are keeping your systems secure.
Written by Tom Stevenson, UK Sales Director, Forter