eCommerce fraud is a deliberate deception occurring during online sales transactions. Typically, a deceitful customer or cybercriminal performs these actions, trying to hide the fraudulent activity until the transaction is complete. A successful eCommerce fraud scheme negatively affects its victims, resulting in reputational damages, negative brand image, and poor customer relations.
This article is part of our series of articles about identity verification.
In this article:
This type of fraud occurs when criminals obtain unauthorized access to customer accounts. They may use various methods, including:
Criminals can execute various offenses after taking over an account, including making purchases, illegally withdrawing funds, changing the account’s details, and accessing other accounts owned by the victim.
Chargeback fraud occurs when a customer contacts their credit card company to void a purchase. It may be executed by criminals using someone else’s real or fake credit card or by real customers attempting to cancel a legitimate transaction. The latter is called friendly fraud, which is detrimental to eCommerce as fraudsters’ activities.
Card testing fraud is when a criminal illegally obtains payment card numbers, typically by stealing or purchasing them. It often starts as a small operation—the criminal uses the stolen card numbers for small purchases to learn which numbers are valid without drawing attention and determining each card’s limits. After this initial testing phase, the criminal starts making large purchases.
Triangulation fraud involves three actors:
The victims of triangulation fraud are the individuals whose credit cards were stolen from the eCommerce website.
Refund fraud is when a criminal uses stolen credit cards to purchase an item and returns it for a refund, asking the business to return the funds to a different account or card. You can mitigate this risk by implementing a refund policy that allows refunds to the initial form of payment.
Here are common indicators of eCommerce fraud:
Customer support personnel play a crucial role in preventing eCommerce fraud, helping screen frauds that can harm your eCommerce business. However, an untrained team may rush an order approval, allowing fraudsters to bypass your security systems.
Training customer service representatives to identify fraud indicators is a must. Unfortunately, fraudsters often target customer service representatives who do not have enough anti-fraud training, if any at all.
Hypertext Transfer Protocol Secure (HTTPS) is a protocol that securely exchanges data between an end user’s web browser, like Google Chrome, and an eCommerce online store. It is the more secure version of HTTP. The main difference is that HTTPS protects sensitive data, like customer names and credit card numbers, by encrypting the information.
HTTPS can help protect eCommerce stores from allowing transaction broadcasts by cybercriminals and fraudsters. In addition, it is an effective preventive measure against common, less sophisticated online frauds. You can add HTTPS by purchasing an SSL certificate.
An address verification service (AVS) provides real-time detection of suspicious payment card transactions to prevent fraud. There is typically integration between the payment processing mechanisms of issuing banks and credit card processors. eCommerce businesses should verify that their payment processor uses an AVS.
An AVS verifies that the billing address inputted by a card user matches the cardholder’s billing address record kept by the bank issuing this card. The AVS verification occurs when the merchant sends a request to the payment processor to authorize a credit card transaction. If the addresses do not match, the system will decline the transaction or flag it for investigation.
Typically, there is a mix of anti-fraud components built into eCommerce platforms and online shopping carts. These tools employ machine learning (ML) algorithms and artificial intelligence (AI) to identify fraudulent transactions based on IP geolocation, device fingerprints, address verification, and email address validation.
BlueCheck achieves this balance by combining a sleek, field-tested user interface with a robust verification engine that connects to a network of authoritative databases and credit bureaus. In addition, we partner with companies in various industries and growth stages to provide affordable, reliable online age verification. Learn more about how BlueCheck can help you solve your age verification challenges!