As we are increasingly shopping on the internet, tons of companies are accepting online payments, which also increases the risk for credit card fraud. Unfortunately, this is a familiar scenario for webshops. You receive a large order from a new customer, putting your business on Easy Street. But at the same time, something doesn’t seem quite right.
With a little research, you realize that this is a case of credit card fraud – hopefully before sending the order. It can be very damaging to your business if you end up being the victim of many successful fraud attempts.
Although it is difficult to catch every credit card scammer, there are a number of things you can do as a web shop owner to protect your web shop against credit card fraud.
Indicators for credit card fraud
First and foremost, it is important to discover what you need to monitor in case of attempted fraud. We’ve listed some potential indicators of transactions that are very likely to be attempted credit card fraud:
1. An order that is much larger than normal
2. First-time customers you haven’t sent an order to before (although this
3. An order where the delivery address is not the same as the billing address
4. Any previously rejected orders prior to a successful order, especially if the billing information or card number was changed in subsequent order attempts
5. IP-addresses that are not in the same area as the billing information for the order
6. Email addresses where the person’s name in the email address does not match the name of the person in the billing information
These are just some of the things you need to be aware of. These indicators do not necessarily mean that you are dealing with a fraudster. Even so, it is important that you be aware of them before shipping out an order.
Great tips for combatting credit card fraud
Customers are not the only ones who must be aware of credit card fraud. As a web shop owner, you must be too. Sending off too many orders for which you will never get paid can ultimately destroy your business. With these 5 tips, you are well on your way to combatting credit card fraud in your web shop.
1. Analyze the transaction behavior
First and foremost, you must “get to know your customers”. By that, we mean that you should identify what a completely normal purchase in your web shop usually looks like. This could be anything from the time of day you see most activity to the products being purchased or the amounts of money being spent. In addition, it is always important to be aware of anything that may seem much too good to be true. If this is the case, you’ll usually have to go with your gut.
You can choose to investigate the specific transaction further by first finding out if the name and the address match. You can also take a look at the IP-address to see where it is from and to see if the purchase is legitimate or just a scammer trying to trick you. This is a particularly good idea if it was preceded by several rejected transactions and then a transaction that was approved.
You also have the option of using the AVS system (Address Verification Service), which was developed to identify credit card fraud on the internet. The system matches the numerical shipping information provided by the customer when ordering with information held by the card issuer about the particular card holder. Because the information is limited, this can mean that legitimate transactions are rejected. It can, however, contribute to combatting credit card fraud in din web shop.
2. Use a fraud detection system
A fraud detection system scans transactions and scores them based on the probability of fraud. Many different items are considered in order to determine risk score, such as user behavior, device ID, IP-address, whether the card has previously been used in a fraudulent transaction, etc. The data are then compared to "normal” attributes. If the transaction is considered valid, it will then be permitted and processed. If the transaction has a risk score above a certain limit, a warning will be issued, and the transaction can be rejected automatically. Therefore, a fraud detection system can help you reduce the amount of fraud and chargebacks.
There are several of these systems, such as NS8 Protect for PrestaShop, which identify campaigns and traffic sources which are costing you money, and it also blocks bots from being retargeted.
Another one is Clearhaus Fraud Detection, where a card gets a so-called “fraud marking” if it has been involved in a fraudulent transaction. There are similar system from P2P gateways you can also use like Quickpays Fraud Filter or Stripe Risk Evaluator.
These fraud detection systems are probably among the best tools to combat fraud, and it’s usually just a matter of a tick to enable them on your payment gateway.
3. Use 3D-Secure
3D-Secure is a term for the two security standards Verified by Visa and Mastercard Securecode, which were developed by Mastercard and Visa. 3D-Secure is a feature you can activate in your payment system in your web shop, which helps keep away fraudsters.
By using 3D-Secure in a web shop, extra security steps are added to the payment process. What happens is that your customer will receive a code by SMS, which must be entered immediately after the customer enters his or her creditcard information.
When a customer’s payment is processed via 3D-Secure, the security for your company increases significantly in case of credit card fraud. This is because, as a rule, any loss will not harm you, as it will if you don’t use 3D-Secure in your webshop. Instead, the issuing bank for the card assumes the risk when using 3D-Secure.
Today, 3D-Secure is one of the best tools available against credit card fraud, and it is used by many European banks. Where many shops previously were a bit reluctant on enabling 3D Secure, it is now used by almost any big retailer, and has almost become a norm.
4. Validate the customers e-mail address and phone number
When a scammer is shopping in your web shop, the e-mail address or phone number entered usually are fictitious. If you are unsure, whether you are dealing with fraudster, it can be an advantage to check both the e-mail address and phone number entered.
As far as the e-mail address, you can go in manually to check if it is valid. If it is not valid, you should follow your gut and not just send off your product immediately. You can also opt for calling the customer to check if the number in question is valid. If you are unable to reach the customer, or if it is an invalid number, it is very likely due to fraud.
5. Have an SSL-certificate
It is important for you to secure your web shop in every possible way. Obviously, the payment page is the most important. You can secure this page by having an SSL-certificate in you own name, which you implement on your web shop. This ensures that you can protect yourself more effectively against hacking and credit card fraud. It is a further bonus that it also makes it safer for customers to shop in your web shop, if you have an SSL-certificate.
Protect your web shop
The more security you have for your webshop, the greater your chances of avoiding fraud.
Although fraud still happens every single day – regardless if you have utilized all these steps – you can reduce your risk of fraud significantly. This does require, however, that you are actively monitoring your webshop and following up on any red flags you notice.
Thanks for reading and make your online retailing stay safe out there!