eCommerce Fraud: 8 Ways to Identify Fraud and How to Prevent It
What Are eCommerce Frauds?
eCommerce fraud is a deliberate deception occurring during online sales transactions. Typically, a deceitful customer or cybercriminal performs these actions, trying to hide the fraudulent activity until the transaction is complete. A successful eCommerce fraud scheme negatively affects its victims, resulting in reputational damages, negative brand image, and poor customer relations.
This article is part of our series of articles about identity verification.
In this article:
- Train your Customer Support for eCommerce Fraud Prevention
- Use Hypertext Transfer Protocol Secure (HTTPS)
- Use an Address Verification Service (AVS)
- Use anti-fraud Solutions
eCommerce Fraud Types
Account Takeover Fraud
This type of fraud occurs when criminals obtain unauthorized access to customer accounts. They may use various methods, including:
- Purchasing stolen security codes and passwords.
- Harvesting customer information from the web.
- Using phishing schemes to trick customers into divulging information.
Criminals can execute various offenses after taking over an account, including making purchases, illegally withdrawing funds, changing the account’s details, and accessing other accounts owned by the victim.
Chargeback fraud occurs when a customer contacts their credit card company to void a purchase. It may be executed by criminals using someone else’s real or fake credit card or by real customers attempting to cancel a legitimate transaction. The latter is called friendly fraud, which is detrimental to eCommerce as fraudsters’ activities.
Card Testing Fraud
Card testing fraud is when a criminal illegally obtains payment card numbers, typically by stealing or purchasing them. It often starts as a small operation—the criminal uses the stolen card numbers for small purchases to learn which numbers are valid without drawing attention and determining each card’s limits. After this initial testing phase, the criminal starts making large purchases.
Triangulation fraud involves three actors:
- A fraudster—creates a storefront on an eCommerce platform like Amazon or Shopify, offering high-value goods at attractive prices.
- A shopper—the fraudster’s storefront attracts legitimate customers looking for big bargains.
- An eCommerce store—after a customer places an order using the fraudulent storefront, the fraudster steals the customer’s credit card number. It uses it to buy legitimate products from an actual eCommerce website, sending these goods to the customer.
The victims of triangulation fraud are the individuals whose credit cards were stolen from the eCommerce website.
Refund fraud is when a criminal uses stolen credit cards to purchase an item and returns it for a refund, asking the business to return the funds to a different account or card. You can mitigate this risk by implementing a refund policy that allows refunds to the initial form of payment.
8 Ways to Identify eCommerce Frauds
Here are common indicators of eCommerce fraud:
- Inconsistent order data—if the city and zip code or the shopper’s IP address and email address do not match, may indicate an eCommerce fraud.
- Larger-than-average order—if the order is significantly larger than the customer spends typically, it may be a fraud. Additionally, one order with multiple instances of a single SKU number or expedited shipping may indicate the fraudster is trying to ship the order before being caught.
- Unusual location—if a customer typically purchases from a specific IP address (e.g., in North America) but suddenly tries to purchase from an IP address originating in a different location (e.g., Nigeria), you may be dealing with a fraudster.
- Multiple shipping addresses—if your buyer is making several purchases under the same billing address while shipping the goods to various addresses, it may indicate that a fraudster is behind the transaction.
- A high volume of transactions in a short time—if it isn’t the holiday season and a customer makes several back-to-back purchases, it is possibly a fraudulent transaction.
- Orders from multiple credit cards—if the customer attempts to make several purchases in a day or longer timeframe with multiple payment cards, this might be a fraudster attempting to work covertly.
- A sequence of declined transactions—when a purchaser makes four, six, or more attempts to complete a transaction without entering the correct information (card number, expiration date, and card security code), it is probably a fraudster.
- A string of orders from an unusual country—if your business has never received any orders from a place like Bangladesh, and one week you suddenly get 15 orders from this country, this is probably an eCommerce fraud.
eCommerce Fraud Protection and Prevention
Train Your Customer Support for eCommerce Fraud Prevention
Customer support personnel play a crucial role in preventing eCommerce fraud, helping screen frauds that can harm your eCommerce business. However, an untrained team may rush an order approval, allowing fraudsters to bypass your security systems.
Training customer service representatives to identify fraud indicators is a must. Unfortunately, fraudsters often target customer service representatives who do not have enough anti-fraud training, if any at all.
Hypertext Transfer Protocol Secure (HTTPS) is a protocol that securely exchanges data between an end user’s web browser, like Google Chrome, and an eCommerce online store. It is the more secure version of HTTP. The main difference is that HTTPS protects sensitive data, like customer names and credit card numbers, by encrypting the information.
HTTPS can help protect eCommerce stores from allowing transaction broadcasts by cybercriminals and fraudsters. In addition, it is an effective preventive measure against common, less sophisticated online frauds. You can add HTTPS by purchasing an SSL certificate.
Use an AVS
An address verification service (AVS) provides real-time detection of suspicious payment card transactions to prevent fraud. There is typically integration between the payment processing mechanisms of issuing banks and credit card processors. eCommerce businesses should verify that their payment processor uses an AVS.
An AVS verifies that the billing address inputted by a card user matches the cardholder’s billing address record kept by the bank issuing this card. The AVS verification occurs when the merchant sends a request to the payment processor to authorize a credit card transaction. If the addresses do not match, the system will decline the transaction or flag it for investigation.
Use Anti-Fraud Solutions
Typically, there is a mix of anti-fraud components built into eCommerce platforms and online shopping carts. These tools employ machine learning (ML) algorithms and artificial intelligence (AI) to identify fraudulent transactions based on IP geolocation, device fingerprints, address verification, and email address validation.
Fraud Prevention with BlueCheck
BlueCheck achieves this balance by combining a sleek, field-tested user interface with a robust verification engine that connects to a network of authoritative databases and credit bureaus. In addition, we partner with companies in various industries and growth stages to provide affordable, reliable online age verification. Learn more about how BlueCheck can help you solve your age verification challenges!