Do you use contactless cards to pay on the go? I do, because it really saves much time. That’s why this article about the card fraud in “the Guardian” attracted my attention. Instances of fraud on contactless cards are in fact extremely rare, far lower even than overall card fraud. Way more often, the card information is compromised because of debit readers that have been tampered with and placed at gas stations and ATMs – places where plastic is constantly swiped. The fraudsters take the information from the card and create a clone to be used for fraudulent purchases or use this for online purchases. So being a user of a credit card, we should never relax and too feel safe.But the owner of a credit card is not the only person who may suffer in this situation. Accepting online payments, you may find out that your store is the place where the thief is trying to use the stolen card. And if only the order is shipped quickly enough, you risk losing both money and the product “sold”. Don’t forget about the transaction fees you pay to the payment providers, too.
Trial: 30 requests 3,000 requests/yr 10,000 requests/yr FREE: Contact us
Problem: $190 billion lost by merchants annuallyBecause the fraud losses are distributed across all merchants, we don’t hear too much about them. The truth is that the online merchants are losing way more than customers and banks together! This is the US-only statistics by Forbes: Banks lose $11 billion and customers lose about 4.8 billion. Merchants lose approximately $190 billion per year due to credit card fraud. $190 BILLION! Just imagine. Is there your input in it? How much are you losing every year?
How come?The article in the Guardian I was referring to in the very beginning of this blog entry mentions a very interesting fact. Take a look:
“We doubted we’d be able to make purchases without the cardholder’s name or CVV code – but we were wrong,” Which? said. “We ordered two items – one a £3,000 TV – from a mainstream online shop using ‘stolen’ card details, combined with a false name and address.”Do you see that? The online store accepted the card with a fake billing info. The mistake that is very likely to cost the owner £3,000, that is more than $4500! Who can afford such expenses on regular basis? Can you? If not, you should fight the fraud and filter the orders attentively. There are some tools and recommendations, from free or very affordable ones to very powerful and expensive.
Solution: does it exist?When the fraudsters are especially smart and inventive, it’s only another human being who can single out a cybercriminal. But in many cases, the external systems can help to collect comprehensive info, sufficient for a correct decision. The more advanced this tool, the more info you have on file on the one hand, and the more expensive it may be – on another.
A. For young businesses with a few orders per day
- Monitoring the transactions for unusual activity, such as orders for high volumes of product or for many expensive items of the same type or brand. Review the location of the transaction. If the billing address is in New York and the customer is shipping to a place in Oregon, you may wish to further verify the transaction by contacting the customer.
- Work with your payment processor. They may have additional resources to help you combat fraud. Contact them for security enhancing suggestions and advice on how to better verify transactions. Say, enabling 3-D secure feature adds a tiny step to checkout, but makes a large difference decreasing your risks of online fraud.
B. For small and medium businesses looking for affordable automation
Rolled out long ago, the service of ours proved to be extremely helpful and effective for thousands of X-Cart merchants. When AntiFraud screening is enabled, X-Cart submits non personal data about a new order to AntiFraud service server to calculate the risk factor. If the risk factor exceeds the threshold you specified, the order is delayed for your further manual check (like a call to a buyer or asking for an additional evidence of authenticity etc.), with the detailed report being provided, so you have a clear picture, what exactly was suspicious in that order.The antifraud system is what we keep perfecting too. For this reason the Antifraud Service connectors are to be updated too. The connector for v5 has already been updated, and the one for X-Cart 4 is to be included into the upcoming release. Look for the following settings in the updated connector module:
- “Block order processing if risk score exceeds threshold”. If enabled, it will keep returning your customer to checkout page, as long as the risk score is too high, with the threshold value being defined by the manager. The “suspect” will see “contact administrator” notice in this case. If after several attempts ( say, there was an incorrect address) the customer still manages to fill in the info properly, and the order will be created, the unsuccessful attempts will still be logged and reported to the store administrator.
- “Use AVS check result returned from the gateway”setting turns on the following behaviour: The results of AVS (address validating system) check, performed by the payment gateway, can also be taken into account, calculating the risk store of the order. If the score is too high due to this parameter, the order will be created, but with the “Queued/Awaiting Payment” status.