E-commerce fraud refers to credit card payment fraud on online stores. Online merchants suffer fraudsters who make purchases using stolen credit cards. This results in a lot of chargebacks to the merchants. Fraud prevention is very much a necessity for any online merchants as e-commerce fraud is a growing problem.
Types of e-commerce frauds
There are a few types of e-commerce frauds which we have detailed below:
Card testing fraud
Fraudsters steal credit card info and attempt to make online purchases with them. They make small purchases initially to see if the card info is valid before making big purchases.
With refund fraud, fraudsters buy things online with stolen credit cards. Following that, fraudsters will request for a refund to a new credit card with the excuse that the old card has been terminated.
Account takeover fraud
Bad actors have obtained access to a legitimate user’s account, either via hacking or phishing. Once the user’s account has been breached, the fraudsters can buy things using the stored payment methods.
Interception fraud is a 2-step process. For the first step, fraudsters use stolen cards to buy stuff and key in the billing & shipping addresses registered to that card. After the order has been made, they will then edit the shipping address to their own location so that they can intercept the shipment.
Triangulation fraud involves the legitimate buyer, the fraudster and the actual merchant selling the items. First of all, the buyer makes a purchase with the fraudster via their online store (or other sellers working with the fraudster). Next, the fraudster uses a stolen credit card to buy the ordered items from a legitimate merchant. Finally, the buyer receives the items while the fraudster gets the money.
Fraud prevention techniques to mitigate e-commerce fraud
Merchants can detect card testing fraud (a.k.a. carding attempt) easily by tracking purchases from IP addresses and email addresses. If there are many small purchases within a short period of time coming from the same IP or the same email, that’s very likely a card testing fraud.
In the case of the refund fraud, the tracking of IP or email can reveal a fraud pattern. When there are more than 1 refund to a different credit card, that is a red flag.
For the account takeover fraud, the easiest mitigation is to send a One-Time-Passcode (OTP) via SMS or email to key in during login and checkout. This makes sure that it is the actual account owner who is performing the transactions.
Similarly, interception fraud can be avoided by the use of OTP when editing any order details. It may present a small inconvenience to the user but saves everyone from having to deal with fraud.
Triangulation fraud is a bit harder to mitigate. Using a full-featured fraud prevention solution like FraudLabs Pro will help to detect and blacklist such fraudsters.
Why does e-commerce fraud prevention matter?
With every fraudulent order, someone always pays the price. That someone is usually the online merchant. The owners of the stolen credit cards will file chargeback requests and then the merchant will lose money as well as merchandise. Chargebacks can seriously undermine the financial standing of the merchant. E-commerce fraud is no joke as a large number of frauds can bankrupt the merchant.
Online merchants must use fraud prevention in their e-commerce stores. Failure to do so can result in a huge number of chargebacks from fraudulent purchases. In the end, big financial losses like these will put the merchant out of business.
FraudLabs Pro has easy to use and ready-made plugins for major shopping carts. Merchants can opt for the SMS Verification plugin if they wish to have an OTP functionality or use the Fraud Screening plugin for a comprehensive order fraud screening.