Sam Ranieri, Founder and Chief Executive Officer at Reach, writes for PaymentExpert on the global threat of fraud and how it has intensified in recent years.
Since the beginning of the pandemic, global ecommerce has unlocked lucrative growth opportunities for businesses that want to expand across borders, with sales climbing to $876 billion in the first quarter of 2021, up 38% from the same period in 2020. With this growth is an accompanying rise in fraud, which surged by 159% during the same period, according to a report from Feedzai, the market leader in fighting online financial crimes leveraging AI.
For businesses trying to expand globally, the threats have intensified. Existing fraud defenses are unable to keep up with emerging methods that are evading detection. If retailers want to protect their customers, and their profits, they need to identify where fraud is coming from. Only then will they be able to formulate the most effective defense, and thwart the perpetrators.
Are your customers genuine?
If a loyal customer with regular buying behavior suddenly deviates from this pattern, such as making multiple high-value purchases, the retailer needs to pay attention. Such marked changes can indicate that an account takeover (ATO) is in play. ATOs use stolen personal details to hack into someone’s account and make purchases, and these incidents increased by 650% during 2020.
ATOs are extremely difficult to detect, because a seller can’t determine whether a customer’s verified credentials were stolen, or whether the legitimate customer is attempting to commit fraud. Previous historical patterns that anti-fraud systems would use to flag suspicious behavior have been complicated by the surge in ecommerce volumes following the Covid-19 pandemic.
Data breaches are fueling bots
New customer registrations are always welcomed by retailers, but if an online store is suddenly overwhelmed by a wave of new sign-ups, without any obvious explanation, the retailer should be wary that their unexpected influx of registrations is most likely due to a bot attack infiltrating their systems.
Several data breaches have exposed customer data, like emails, passwords, and log-ins, to be bought and sold through dark web marketplaces. Bots are then used by fraudsters to invade business entry points with false customer registrations, and ATO attacks using stolen card data.
In 2020, Europe overtook Asia to become the top originating regional hub for bot attacks. This serves as an example of why it’s important to monitor how fraud shifts from region to region, so that appropriate defenses can be aligned against specific fraud methods.
Return fraud wreaks havoc on ecommerce retailers
A business selling items for delivery is plagued by customer complaints over items not arriving or going missing from the doorstep before the customer can take delivery. Although the business can prove that the items were dispatched to the customer’s address, the goods have vanished. The business loses the cost of the item, and suffers a chargeback, doubling losses.
Return fraud usually involves someone stealing an item from a delivery address doorway to enable a falsified return. Alternatively, a supposedly genuine customer orders an item with the intention of committing fraud, then claims that the item was stolen, and files a refund claim. Often a retailer will simply issue a refund as they don’t have the time or resources to investigate, and the ‘customer’ keeps both the product and the money used to pay for it.
When confronted with so many emerging fraud threats, business owners often rush to tighten their fraud system rulesets, and cast their nets even wider so they can detect more fraudulent transactions. But this approach is counter-productive, because it blocks legitimate customers whose transactions are declined. In fact, around $146 billion in card-not-present (CNP) purchases are rejected each year, but over half (52%) of these are legitimate transactions. That loss of potential revenues could break a business if left unchecked.
On a wider scale, many brands are reluctant to enter some markets altogether, for fear of suffering from poor authorization levels. Any plans for global expansion come to a premature end because perceived risks of doing business outweigh potential revenues.
Retailers need to strike the right balance of security and optimal user experience, and take a localised approach to fraud, just as they would with payment acceptance methods. The quickest and most effective route to market could be by working with a Merchant of Record (MOR) provider that can shoulder the burdens of fraud management, local regulatory compliance, and optimized payment acceptance.
The MOR route to cross-border growth
For retailers that have not invested the (fairly significant) resources required to establish physical entities in new markets, the MOR model offers several revenue-building and operational strengths. Simply processing transactions ‘cross-border’, like most payments services providers offer, is not economically viable, as it comes with higher processing fees, larger decline rates, and more false positive transaction declines.
An expert MOR provider, backed by access to a strong global network of fraud data providers, can enable a retailer to comply with local regulations, and benefit from dynamic fraud controls that are agile enough to identify fraud patterns, and block emerging threats. Transactions are processed as ‘in-country’ rather than ‘cross-border’, helping to drive up acceptance rates, stop more fraud attempts, and strengthen revenue streams by welcoming more international customers.
Armed with this enhanced fraud protection, retailers can gain the confidence to expand beyond borders. Ultimately, the MOR provider alleviates the stresses that retailers face when trying to grow their business. Fraud mitigation, handling transaction liability, and regulatory compliance are all taken care of, leaving the retailer to focus on the most important things – attracting new customers and elevating their brand to new heights.