Retailers need to be mindful of fraud at all times, especially during the anticipated quiet times of Christmas and New Year's Day. That is especially so for online retailers, who can be impacted much harder by fraud.
Michael Manapat, engineering manager for payments intelligence and experience at Stripe, said the biggest difference between online and in-store fraud is that with e-commerce, it is less about the fraudulent behavior itself, and more about its impact on businesses. Unlike with brick-and-mortar, online businesses are responsible for paying the associated costs, including reimbursements and chargeback fees to the credit card companies.
On average, every $1 of fraudulent online orders costs a business an additional $2.62. Estimates vary, but most experts agree that online retailers collectively lose between $30 billion and $60 billion every year to fraud.
Looking at thousands of transactions from around the world, Manapat and the team at Stripe put together these tips for securing retailer sites this winter:
1. Boost security during quiet times
While fraud increases on heavy shopping days, actual fraud rates are highest during quieter times.
"Consider adding extra scrutiny to purchases made outside of normal business hours, either through manual reviews or other, more stringent automated filters," said Manapat. "What’s interesting is that, contrary to popular belief, fraud rates as a percentage of overall traffic are actually smaller on the busiest shopping days like Black Friday or Cyber Monday, and they’re at their peak when fewer people are online, such as Christmas Day. So, retailers should be especially cautious when processing transactions during quieter times—late at night or on weekends."
2. Create geography-based rules
Fraud rates vary by country. For example, cards from Argentina, Brazil, India, Malaysia, Mexico and Turkey tend to be more fraud-prone. However, you don't want to block all transactions from these areas, so test different geography-based rules on transactions and ask for more information—including CVV numbers and full addresses—from all customers.
3. Think small in the US
Although outside of the U.S. fraudulent transactions are often larger than normal, in the U.S., fraudulent amounts are only slightly larger than regular transaction amounts. Retailers need to review and adjust rules based on locations.
"One of the biggest differences we noticed is the size of fraudulent transactions in different countries," said Manapat. "In the U.S., fraudulent transaction amounts are nearly identical to regular transaction amounts. But elsewhere in the world, fraudulent transactions can be significantly larger than normal transactions—typically about twice as large, and in some countries more than five or even ten times as large."
4. Rapid-fire purchases a giveaway
Once a fraudster successfully uses a credit card with a retailer, he will make additional charges at that store within a short window—up to 10 times fatter than legitimate card holders. As a merchant you should use automated tools to limit the speed of repeat purchases that will deter fraudsters.
RELATED: E-commerce fraud losses down 35%
5. Know their targets
Fraudsters tend to buy products that do not need to be delivered or target services so as to go undetected. Low-end products also stand out because fraudsters assume the police will not waste their time with petty theft.