CNP FRAUD COMMON WARNINGS: Global eCommerce sales will almost double from $2.3 billion in 2017 to $4.5 trillion in 2021. For context, this figure is very close to Japan’s GDP total of $4.9 trillion. This isn’t a local phenomenon, the growth of online sales is global.
If we take a look at 10 of the largest eCommerce markets around the world, we can see its spread.
This is a huge opportunity for online merchants. But, it’s not going to be all plain sailing. Card-not-present fraud is also on a rise. At an average cost of $144, the average merchant sees 133 fraudulent transactions every month. It’s close enough to $20,000 every month. This is a concern for big online retailers. This could be a death blow for smaller players. CNP transactions have the problem that the merchant cannot ensure that the payment is made by the authorized user. These are some warning signs that you should be aware of if you are a merchant trying to protect your customers from fraud.
This list should not be taken as an entire list.
New customers who do not have a history of buying are always a danger. Fraudsters are unlikely ever to return to the same store with stolen card details. For first-time shoppers, extra suspicion should be applied and additional verification might be required.
We expect online deliveries to arrive within 2-7 days. So plan ahead. People love to order early so they can save on shipping.
Criminals, however, will not be bothered by extra shipping costs since it isn’t their hard-earned income that they are spending.
They will often choose the shortest delivery time in order to dispose of the goods as fast as possible.
It is possible that international shipping from outside of the merchant’s country may also be worth further investigation.
It could be a difference in shipping or billing addresses or strange email addresses.
We are creatures of habit and online shopping is no exception. Any substantial deviation from the ordered amount could indicate fraudulent activity.
This could indicate foul play even before we get to the payment.
We have all lost our login details at times. After you have tried to the password forgotten, the next step is to click on the link. It’s unlikely that fraudsters will click this link.
Multiple failed attempts to access your account are a big risk factor.
A stolen card will most likely be reported very quickly. Criminals will attempt to profit as much as they can from the card in as little time as possible. It is common to place large orders before your card is canceled.
Fraudsters won’t know what spending limit someone has on their account or card. They will place multiple orders to increase the limit and spend a lot more each time.
You should immediately raise alarm if you see a customer account where there are multiple purchases made in a short amount of time.
If the orders are shipped to different shipping addresses, this could indicate that fraud is part of a larger, organized scheme.
A merchant online can expect at most one to two sets of card details to be registered with a single address. One warning sign is if there are more than two (exempting expired card information).
If you find multiple cards being used from the exact same IP address it could also indicate suspicious behavior by a larger criminal organization.
To combat fraud, payment processing firms have made extra safeguards over the years. These include matching the billing address to the file, verifying the CCV security keys, and prohibiting the merchant’s storage of customer codes.
Although these measures are effective to a certain extent, they should not be used as a standalone strategy. A criminal could have the CCV Code and be able to find the billing address if they have a stolen or stolen card.
Today’s online economy requires an extra layer of security. Not only to protect customers, it is also important for merchants.
3D secure gives customers an extra layer of security. It prompts customers to fill out additional information during checkout to help reduce the possibility of CNP fraud.
The second iteration, 3D Secure2, takes the protocol to the next level by allowing risk-based authentication.
To determine the likelihood that a customer is committing fraud, the transaction will first be checked for risk factors. This will occur at the backend. In most instances, the risk level of fraud is low (believed to be deep in the 90%).
If the risk is too high, the customer can be redirected to a verification screen. This will allow them to verify their cardholder identity (such as passwords or biometrics).
If there is low risk, shoppers will automatically be directed to approval screens without needing to give additional authorization.
Even if the transaction was deemed low-risk, and doesn’t have to go through additional authentication, it still qualifies the protocol for all its benefits. The frictionless checkout experience for shoppers is offered to merchants. However, they are protected from any fraudulent chargebacks.
The 3D Secure 2 protocol, which can be applied across many platforms including mobile apps, browsers, and desktops, provides that extra layer of security to all parties, while still facilitating frictionless checkout experiences for customers.
With many years of rich experience in technology development, Logibiz Technologies aim to boost your online presence by offering 360-degree solutions related to Online Payments and its Security.
From Online Fraud Prevention solutions to White Label Payment Gateway Platform and complete 3DS testing environment, Logibiz has got your back. Additionally, we also offer consultancy services for all your EMVCo & Card Scheme certification needs.
We provide Free Demo & POC of our products which are certified globally and trusted by leading Financial Institutions worldwide.
Book a Free Consultation Call with our experts to discuss how we can help grow your online payments business.
We provide Tailored Payment Solutions for PSPs, Payment Gateways, Banks and Merchants with a complete range of top-tier payment gateway platforms, robust authentication solutions, and cutting-edge testing tools.
We’ll update you on our upcoming events, newsand publications.
Try our solutions for free! Sign up now and see how we can help you.
Explore our comprehensive services. Download our brochure for detailed information on our offerings and solutions.
The 3DS Server provides a functional interface between the Directory Server (DS) and the 3DS Requestor Environment flows. 3DS Server is responsible for gathering necessary data elements for 3-D Secure messages, authenticating the DS, validating the DS, the 3DS SDK, and the 3DS Requestor, safeguarding the message contents. The 3DS Server also helps to protect the message content while it is being transferred to DS and vice versa.