How to better manage attempted online fraud on your online store
With the increase in online fraud in 2017, are you aware of how you can try to prevent it going into 2018?
What different types of eCommerce fraud are there?
Types of fraud can be separated into two main categories:
Card not present fraud: online fraud, where card details are stolen to make payments without the card
Card present fraud: occurs at an ATM or at POS devices
Within these two fraud types are other malicious examples of fraud, including affiliate fraud, merchant identity, phishing, ID theft and pagejacking.
As the majority of people turn to buying online the chances of their details being obtained illegally increases.
If you suspect a transaction how can you try to resolve it?
- Contact your bank or merchant facility to see if they can confirm the details of the card
- Has the customer purchased from you before?
- If you have their phone number give them a call to verify their purchase and details?
- Don’t dispatch the goods. This is difficult if your selling digital goods
What else can you do?
- Ensure your online store has an up to date SSL certificate installed (rapid SSL)
- Ensure your website platform is up to date
- Ensure your antivirus is up to date
- Use a reputable host for your website, we use and recommend WPEngine
If your selling internationally, limit the counties you sell and dispatch goods to.
Steps you can include in your analysis of a potential fraudulent transaction
- What country is the transaction from, some countries are renowned for attempting to defraud online businesses
- Is this a first time order by the customer
- Has there been multiple attempts with either the same or different credit cards
- Are they emailing to hurry up the dispatch of their order
What fraud tools can you use?
- Velocity checks monitor the number of times customer data occurs within a specified interval. This could be: IP address, email address, phone number, billing/shipping address
- 3D Secure will send the cardholder to a payment form hosted by Visa, Mastercard, or Amex which requires a password to make payment. Although 3D Secure works well it does offer another layer of complexity to your valued customer,
- Card Verification Values (CVV) confirms the customer is the cardholder by matching the CVV number provided to what is on record with the credit/debit card company
- eWay – Beagle Fraud Protection Beagle sniffs out every transaction for signs of fraud, giving merchants the ability to easily monitor flagged payments and create rules to hold or reject them, reducing chargebacks and losses without blocking real customers. Visit eWay for more information
- PayPal – Seller Protection Visit PayPal
Ensure you merchant facility is PCI compliant, this ensures the merchant meets all the security standards that are designed to keep customer data secure.
From time to time you will encounter a customer who has received their goods and then requested a refund or contacted their bank for a charge back. Be mindful that once a customer disputes or commences a charge back, it is up to you the business owner to prove that you have sent the goods. I recommend using a reputable freight company and send goods registered post.
Also be mindful that under consumer law(depending on local laws) you cannot hold the customers money and goods indefinitely. So progress the transaction audit promptly and efficiently.
If you need advice or assistance with your online store please feel free to drop us an email.