CNP FRAUD COMMON WARNINGS: Global eCommerce sales will almost double from $2.3 billion in 2017 to $4.5 trillion in 2021.
For context, this figure is very close to Japan’s GDP total of $4.9 trillion.
This isn’t a local phenomenon, the growth of online sales is global.
If we take a look at 10 of the largest eCommerce markets around the world, we can see its spread.
- China: $672 Billon
- United States: $340Billion
- United Kingdom: $99 Billon
- Japan: $79 billion
- Germany: $73 billion
- France: $43Billion
- South Korea: $37Billion
- Canada: $ 30 billion
- Russia: $20 Billon
- Brazil: $19 billion
This is a huge opportunity for online merchants.
But, it’s not going to be all plain sailing.
Card-not-present fraud is also on a rise.
At an average cost of $144, the average merchant sees 133 fraudulent transactions every month. It’s close enough to $20,000 every month.
This is a concern for big online retailers. This could be a death blow for smaller players.
CNP transactions have the problem that the merchant cannot ensure that the payment is made by the authorized user.
These are some warning signs that you should be aware of if you are a merchant trying to protect your customers from fraud.
Common Indicators of CNP Fraud
This list should not be taken as an entire list.
1- First-time Buyer
New customers who do not have a history of buying are always a danger. Fraudsters are unlikely ever to return to the same store with stolen card details. For first-time shoppers, extra suspicion should be applied and additional verification might be required.
2- Large Purchases
A stolen card will most likely be reported very quickly. Criminals will attempt to profit as much as they can from the card in as little time as possible. It is common to place large orders before your card is canceled.
3- Priority Shipping
We expect online deliveries to arrive within 2-7 days. So plan ahead. People love to order early so they can save on shipping.
Criminals, however, will not be bothered by extra shipping costs since it isn’t their hard-earned income that they are spending.
They will often choose the shortest delivery time in order to dispose of the goods as fast as possible.
It is possible that international shipping from outside of the merchant’s country may also be worth further investigation.
4- Multiple transactions in a short period
Fraudsters won’t know what spending limit someone has on their account or card. They will place multiple orders to increase the limit and spend a lot more each time.
You should immediately raise alarm if you see a customer account where there are multiple purchases made in a short amount of time.
If the orders are shipped to different shipping addresses, this could indicate that fraud is part of a larger, organized scheme.
5- Watch out for inconsistencies
It could be a difference in shipping or billing addresses or strange email addresses.
We are creatures of habit and online shopping is no exception. Any substantial deviation from the ordered amount could indicate fraudulent activity.
6- More cards
A merchant online can expect at most one to two sets of card details to be registered with a single address. One warning sign is if there are more than two (exempting expired card information).
If you find multiple cards being used from the exact same IP address it could also indicate suspicious behavior by a larger criminal organization.
7- Multiple logins
This could indicate foul play even before we get to the payment.
We have all lost our login details at times. After you have tried to the password forgotten, the next step is to click on the link. It’s unlikely that fraudsters will click this link.
Multiple failed attempts to access your account are a big risk factor.
3D Secure Minimizes Danger Through Risk-Based Authorization
To combat fraud, payment processing firms have made extra safeguards over the years. These include matching the billing address to the file, verifying the CCV security keys, and prohibiting the merchant’s storage of customer codes.
Although these measures are effective to a certain extent, they should not be used as a standalone strategy. A criminal could have the CCV Code and be able to find the billing address if they have a stolen or stolen card.
Today’s online economy requires an extra layer of security. Not only to protect customers, it is also important for merchants.
3D secure gives customers an extra layer of security. It prompts customers to fill out additional information during checkout to help reduce the possibility of CNP fraud.
The second iteration, 3D Secure2, takes the protocol to the next level by allowing risk-based authentication.
How does it work?
To determine the likelihood that a customer is committing fraud, the transaction will first be checked for risk factors. This will occur at the backend. In most instances, the risk level of fraud is low (believed to be deep in the 90%).
If the risk is too high, the customer can be redirected to a verification screen. This will allow them to verify their cardholder identity (such as passwords or biometrics).
If there is low risk, shoppers will automatically be directed to approval screens without needing to give additional authorization.
Even if the transaction was deemed low-risk, and doesn’t have to go through additional authentication, it still qualifies the protocol for all its benefits. The frictionless checkout experience for shoppers is offered to merchants. However, they are protected from any fraudulent chargebacks.
The 3D Secure 2 protocol, which can be applied across many platforms including mobile apps, browsers, and desktops, provides that extra layer of security to all parties, while still facilitating frictionless checkout experiences for customers.
